www.unionsavings.com Open in urlscan Pro
151.101.193.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.unionsavings.com/Mzk0LURVQS04ODIAAAGNwT4pf2B1S8A1bXm88dklQEclpBrjnrD82pCDIUXsz_xOJw5cOWsMQObZdceTWeeA36hYFwM=
Effective URL:
https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240...
Submission: On August 23 via manual (August 23rd 2023, 5:15:36 pm UTC) from DE — Scanned from DE

Summary HTTP 80 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 27 domains to perform 80 HTTP transactions. The main IP is 151.101.193.223, located in United States and belongs to FASTLY, US. The main domain is www.unionsavings.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 23rd 2023. Valid for: a year.

This is the only time www.unionsavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	151.101.193.223 151.101.193.223	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	184.106.10.72 184.106.10.72	19994 (RACKSPACE) (RACKSPACE)
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.205.127.113 54.205.127.113	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	35.160.11.116 35.160.11.116	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:a000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
8	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	18.65.33.149 18.65.33.149	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	108.138.17.12 108.138.17.12	16509 (AMAZON-02) (AMAZON-02)
80	34

1 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

email.unionsavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.193.223 (United States)

ASN54113 (FASTLY, US)

www.unionsavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.106.10.72 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

www.livehelpnow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.unionsavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tenon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.127.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-127-113.compute-1.amazonaws.com

www.levelaccess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.11.116 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-11-116.us-west-2.compute.amazonaws.com

pixel37a2121c8ef1223.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

11064197.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

394-dua-882.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:a000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.33.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-33-149.ams1.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-12.fra56.r.cloudfront.net

cdn.livehelpnow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 11064197.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 93	10 KB
11	unionsavings.com email.unionsavings.com www.unionsavings.com info.unionsavings.com	650 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	324 B
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3101 adservice.google.com — Cisco Umbrella Rank: 100	3 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6490	994 B
6	livehelpnow.net 2 redirects www.livehelpnow.net — Cisco Umbrella Rank: 41686 cdn.livehelpnow.net — Cisco Umbrella Rank: 48868	41 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 357 www.linkedin.com — Cisco Umbrella Rank: 582 px4.ads.linkedin.com — Cisco Umbrella Rank: 6211	5 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	327 KB
4	yimg.com s.yimg.com — Cisco Umbrella Rank: 602	13 KB
4	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1509 insight.adsrvr.org — Cisco Umbrella Rank: 590	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 356	13 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
3	gstatic.com fonts.gstatic.com	68 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1259	879 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3366	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	189 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 246	410 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 401	15 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	667 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 859	366 B
1	mktoresp.com 394-dua-882.mktoresp.com	318 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 772	5 KB
1	advangelists.com pixel37a2121c8ef1223.advangelists.com	546 B
1	levelaccess.com www.levelaccess.com — Cisco Umbrella Rank: 428097
1	tenon.io 1 redirects tenon.io	450 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	996 B
80	27

	Domain	Requested by
9	www.unionsavings.com	email.unionsavings.com www.unionsavings.com
8	www.facebook.com	www.unionsavings.com
6	www.google.de	www.unionsavings.com
5	www.google.com	2 redirects www.unionsavings.com
5	connect.facebook.net	email.unionsavings.com connect.facebook.net
5	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
5	www.livehelpnow.net	2 redirects www.unionsavings.com www.livehelpnow.net
4	s.yimg.com	11064197.fls.doubleclick.net s.yimg.com
4	11064197.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net js.adsrvr.org
3	bat.bing.com	www.unionsavings.com bat.bing.com
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	sp.analytics.yahoo.com	www.unionsavings.com
2	adservice.google.com	11064197.fls.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	munchkin.marketo.net	www.unionsavings.com munchkin.marketo.net
2	www.googletagmanager.com	www.unionsavings.com www.googletagmanager.com
1	cdn.livehelpnow.net
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.unionsavings.com
1	d1eoo1tco6rr5e.cloudfront.net	www.unionsavings.com
1	px4.ads.linkedin.com	www.unionsavings.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	region1.analytics.google.com	www.googletagmanager.com
1	394-dua-882.mktoresp.com	munchkin.marketo.net
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	pixel37a2121c8ef1223.advangelists.com	www.unionsavings.com
1	js.adsrvr.org	www.unionsavings.com
1	www.levelaccess.com	www.unionsavings.com
1	tenon.io	1 redirects
1	info.unionsavings.com	www.unionsavings.com
1	fonts.googleapis.com	www.unionsavings.com
1	email.unionsavings.com
80	37

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
cibng.ibanking-services.com
login2.fisglobal.com
www.ultimatesoftware.com
www.fdic.gov

Subject Issuer	Validity	Valid
email.unionsavings.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
www.unionsavings.com Entrust Certification Authority - L1K	`2023-02-23` - `2024-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.livehelpnow.net Go Daddy Secure Certificate Authority - G2	`2023-05-16` - `2024-06-16`	a year	crt.sh
info.unionsavings.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.advangelists.com Amazon RSA 2048 M02	`2023-02-09` - `2024-01-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-02` - `2023-08-31`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Frame ID: BF69C6280265AB793562569E0DABA93B
Requests: 64 HTTP requests in this frame

Frame: https://11064197.fls.doubleclick.net/activityi;dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Frame ID: 976BE3E8C110EAF85266A90EDA8D4CFB
Requests: 5 HTTP requests in this frame

Frame: https://11064197.fls.doubleclick.net/activityi;dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Frame ID: 8D6054516762423DCEEB2ACF35184637
Requests: 5 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/afk5uvc/8fxx12e/iframe
Frame ID: 45AD9A3A82CC1C2CC353F320BE685121
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 35B780715BF7B425D32D93248634D1E3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9CC31E4C569D1825C1CD6EA8CB9569CA
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=lqfgv3j&ref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&upid=rr58d04&upv=1.1.0
Frame ID: 464C1D3ECCD1C181C73D072EDEDD04EE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 713038EB263A37682509AFB9240F4FFF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norwalk Personal Checking Offer - USB

Page URL History Show full URLs

https://email.unionsavings.com/Mzk0LURVQS04ODIAAAGNwT4pf2B1S8A1bXm88dklQEclpBrjnrD82pCDIUXsz_xOJw5cOWsMQObZ... Page URL
https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKr... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

94 %
HTTPS

50 %
IPv6

27
Domains

37
Subdomains

34
IPs

6
Countries

1369 kB
Transfer

4933 kB
Size

23
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/unionsavingsbankct/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UnionSavingsBankCT

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/union-savings-bank---ct

Search URL Search Domain Scan URL

URL: https://twitter.com/UnionSavingsCT

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/UnionSavingsBank

Search URL Search Domain Scan URL

URL: https://cibng.ibanking-services.com/cib/themes/cib_enroll/enroll/enroll.jsp?FIORG=957&FIFID=221172241
Title: Not enrolled? Sign Up Now

Search URL Search Domain Scan URL

URL: https://login2.fisglobal.com/idp/0171A/?ClientID=PALUI
Title: Go To Login

Search URL Search Domain Scan URL

URL: https://www.ultimatesoftware.com/Privacy-Policy
Title: UltiPro Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.fdic.gov/resources/deposit-insurance/understanding-deposit-insurance/index.html
Title: Member FDIC.

Search URL Search Domain Scan URL

URL: https://www.fdic.gov/regulations/laws/rules/2000-6000.html
Title: Equal Housing Lender

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.unionsavings.com/Mzk0LURVQS04ODIAAAGNwT4pf2B1S8A1bXm88dklQEclpBrjnrD82pCDIUXsz_xOJw5cOWsMQObZdceTWeeA36hYFwM= Page URL
https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://tenon.io/api/monitor.js HTTP 301
https://www.levelaccess.com/tenon-retiring-faqs/

Request Chain 23

https://11064197.fls.doubleclick.net/activityi;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2 HTTP 302
https://11064197.fls.doubleclick.net/activityi;dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2

Request Chain 24

https://11064197.fls.doubleclick.net/activityi;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2 HTTP 302
https://11064197.fls.doubleclick.net/activityi;dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2

Request Chain 30

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11258359070/?random=1692810929923&cv=11&fst=1692810929923&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&auid=904067749.1692810930&uamb=0&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/11258359070/?random=1692810929923&cv=11&fst=1692810000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&is_vtc=1&random=278517389 HTTP 302
https://www.google.de/pagead/1p-user-list/11258359070/?random=1692810929923&cv=11&fst=1692810000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&is_vtc=1&random=278517389&ipr=y

Request Chain 37

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10957493594/?random=1533260972&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&label=FI0YCKehpLoYENqq-Ogo&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&value=0&auid=904067749.1692810930&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sT7mZPvGO_ih9u8P2KWlqAo&sscte=1&crd=CKK4sQI&eitems=ChEI8NyWpwYQkNqIh_-69MK-ARIdAK090xQdYhOtOdCBQtpqC3F5Kx1alchLSgZb6fA&pscrd=Ek5DaEVJOE55V3B3WVFqY2FzNDkyRzNkYjNBUklsQUVjd3lzdjJGcjFKZUNQeUhKczhhZnhCMGEwaGdaekJLeUtleHBhVEU5MnhXeGhKS1EaWENoRUk4TnlXcHdZUXB0anUyb1M1OHRqSEFSSXRBRjdNMC1nZXpZdW5GMnNfVVREakxMN3ZGRlY2SFdoeEdISVd2OWhpbzNHMzlQWk1BMk5hTmJxczJXRnIiEwi745yRpPOAAxX4kP0HHdhSCaU HTTP 302
https://www.google.com/pagead/1p-conversion/10957493594/?random=1533260972&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&label=FI0YCKehpLoYENqq-Ogo&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&value=0&auid=904067749.1692810930&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEVJOE55V3B3WVFqY2FzNDkyRzNkYjNBUklsQUVjd3lzdjJGcjFKZUNQeUhKczhhZnhCMGEwaGdaekJLeUtleHBhVEU5MnhXeGhKS1EaWENoRUk4TnlXcHdZUXB0anUyb1M1OHRqSEFSSXRBRjdNMC1nZXpZdW5GMnNfVVREakxMN3ZGRlY2SFdoeEdISVd2OWhpbzNHMzlQWk1BMk5hTmJxczJXRnIiEwi745yRpPOAAxX4kP0HHdhSCaU&is_vtc=1&ocp_id=sT7mZPvGO_ih9u8P2KWlqAo&cid=CAQSKQBpAlJWvdZ3HDMMSO9TLJyJFsxAc0RhpO8UYcfDJ-mdbqhgv0B8yNc5&eitems=ChEI8NyWpwYQkNqIh_-69MK-ARIdAK090xQraaegFagiDhlnpSb4EPNBZS5ZDBG6yq8&random=567567620 HTTP 302
https://www.google.de/pagead/1p-conversion/10957493594/?random=1533260972&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&label=FI0YCKehpLoYENqq-Ogo&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&value=0&auid=904067749.1692810930&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEVJOE55V3B3WVFqY2FzNDkyRzNkYjNBUklsQUVjd3lzdjJGcjFKZUNQeUhKczhhZnhCMGEwaGdaekJLeUtleHBhVEU5MnhXeGhKS1EaWENoRUk4TnlXcHdZUXB0anUyb1M1OHRqSEFSSXRBRjdNMC1nZXpZdW5GMnNfVVREakxMN3ZGRlY2SFdoeEdISVd2OWhpbzNHMzlQWk1BMk5hTmJxczJXRnIiEwi745yRpPOAAxX4kP0HHdhSCaU&is_vtc=1&ocp_id=sT7mZPvGO_ih9u8P2KWlqAo&cid=CAQSKQBpAlJWvdZ3HDMMSO9TLJyJFsxAc0RhpO8UYcfDJ-mdbqhgv0B8yNc5&eitems=ChEI8NyWpwYQkNqIh_-69MK-ARIdAK090xQraaegFagiDhlnpSb4EPNBZS5ZDBG6yq8&random=567567620&ipr=y

Request Chain 45

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4393001%26time%3D1692810930059%26url%3Dhttps%253A%252F%252Fwww.unionsavings.com%252Fnorwalk-personal-checking-offer%252F%253Fmkt_tok%253DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&cookiesTest=true&liSync=true&e_ipv6=AQK-x7PlwNPkqwAAAYojZOmuY-u-72OxYD5pSduJDrigsx5tzSxe8Y6pUUuRx7xNRwfruVPDrK2W

Request Chain 61

https://insight.adsrvr.org/tags/afk5uvc/8fxx12e/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/afk5uvc/8fxx12e/iframe

Request Chain 76

https://www.livehelpnow.net/lhn/functions/imageserver.ashx?lhnid=22783&java=No&zimg=7865&sres=1600x1200&sdepth=24&custom1=&custom2=&custom3=&t=t&d=0&rnd=0.5057986437361877&ck=true&referrer=https%3A//email.unionsavings.com/&pagetitle=Norwalk%20Personal%20Checking%20Offer%20-%20USB&pageurl=https%3A//www.unionsavings.com/norwalk-personal-checking-offer/%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2 HTTP 302
https://www.livehelpnow.net/clients/22783/22783-on-G86RF25HQ4.png HTTP 301
https://cdn.livehelpnow.net/clients/22783/22783-on-G86RF25HQ4.png

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 Mzk0LURVQS04ODIAAAGNwT4pf2B1S8A1bXm88dklQEclpBrjnrD82pCDIUXsz_xOJw5cOWsMQObZdceTWeeA36hYFwM=
email.unionsavings.com/ 547 B
1 KB 572ms
355ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://email.unionsavings.com/Mzk0LURVQS04ODIAAAGNwT4pf2B1S8A1bXm88dklQEclpBrjnrD82pCDIUXsz_xOJw5cOWsMQObZdceTWeeA36hYFwM=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-NsnWdQNsf6v1+SPnX+7kfc4JqdQE7imP4q+/AmdxnPc=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7fb4ff60fddc30c3-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-NsnWdQNsf6v1+SPnX+7kfc4JqdQE7imP4q+/AmdxnPc=';object-src 'none';form-action 'none';frame-src 'none'
content-type: text/html;charset=UTF-8
date: Wed, 23 Aug 2023 17:15:26 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: e1af2f52f0153843

GET
H/1.1 200
OK Primary Request / Show response
www.unionsavings.com/norwalk-personal-checking-offer/ 139 KB
39 KB 2752ms
2450ms Document
text/html 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2

Requested by

Host: email.unionsavings.com
URL: https://email.unionsavings.com/Mzk0LURVQS04ODIAAAGNwT4pf2B1S8A1bXm88dklQEclpBrjnrD82pCDIUXsz_xOJw5cOWsMQObZdceTWeeA36hYFwM=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1c4f1dcf05670290568ddec305d3b099308c7f5f5542cdec5e288ff1caac7dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://email.unionsavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 39360
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 17:15:29 GMT
Feature-Policy: sync-xhr 'self'
Link: <https://www.unionsavings.com/?p=28093>; rel=shortlink
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=300
Vary: Accept-Encoding, Cookie, Cookie
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS, MISS
X-Cache-Hits: 0, 0, 0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Pantheon-Styx-Hostname: styx-fe3-b-59d8b4cd4d-tbbr8
X-Served-By: cache-chi-kigq8000123-CHI, cache-fra-etou8220035-FRA, cache-fra-eddf8230065-FRA
X-Styx-Req-Id: a75efd84-41d8-11ee-a79c-b6e2efb3c54f
X-Timer: S1692810927.902957,VS0,VE2430
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK aggregated_d85bebe4970c422d30f6a86cdbb6fbf1.css
www.unionsavings.com/wp-content/uploads/resources/css/ 2 MB
242 KB 197ms
197ms Stylesheet
text/css 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionsavings.com/wp-content/uploads/resources/css/aggregated_d85bebe4970c422d30f6a86cdbb6fbf1.css

Requested by

Host: www.unionsavings.com
URL: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

22fb42a219c70a051b6d308c6f8cd7d09d47d4601dd9f7a54432ea614a1156f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Cache-Hits: 1, 0, 0
Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Date: Wed, 23 Aug 2023 17:15:29 GMT
Age: 716631
X-Cache: HIT, MISS, MISS
X-Pantheon-Styx-Hostname: styx-fe3-b-59d8b4cd4d-z2m48
Connection: keep-alive
Content-Length: 246599
X-Served-By: cache-chi-klot8100101-CHI, cache-fra-etou8220106-FRA, cache-fra-eddf8230048-FRA
Last-Modified: Mon, 14 Aug 2023 13:48:37 GMT
Server: nginx
X-Timer: S1692810929.356135,VS0,VE166
Etag: W/"64da30b5-1b09e2"
Vary: Accept-Encoding
Content-Type: text/css
X-Styx-Req-Id: 1f6e49da-3b54-11ee-b3bd-1a10ba961981
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Expires: Thu, 15 Aug 2024 10:11:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
996 B 77ms
30ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i&subset=latin-ext&ver=21b0a3d7476625f8d610d221972f4762

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10633aa7e5332c8d335f5c314d627898544e825ea7e78f2b8a8856fc70bbdccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 17:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 17:01:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 17:15:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 457 KB
100 KB 108ms
60ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59bbc732a3046509ce5a185364854c02581c40b3a2c733bf717ae450c4101b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102224
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 16:03:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 17:15:29 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 105ms
32ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.unionsavings.com
URL: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 17:15:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H/1.1 200
OK usb-ogo-full-color.png
www.unionsavings.com/wp-content/themes/usb/assets/img/ 56 KB
57 KB 24ms
23ms Image
image/png 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unionsavings.com/wp-content/themes/usb/assets/img/usb-ogo-full-color.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

83d5396214368208035b393fa624bf30f36aef496b7bb0ba34527b86f7340087

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Cache-Hits: 1, 0, 1
Strict-Transport-Security: max-age=300
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Date: Wed, 23 Aug 2023 17:15:29 GMT
Age: 3202454
X-Cache: HIT, MISS, HIT
X-Pantheon-Styx-Hostname: styx-fe3-a-65bfc57bb5-qlj92
Connection: keep-alive
Content-Length: 57251
X-Served-By: cache-chi-kigq8000107-CHI, cache-fra-etou8220112-FRA, cache-fra-eddf8230048-FRA
Last-Modified: Mon, 17 Jul 2023 14:55:10 GMT
Server: nginx
X-Timer: S1692810930.713976,VS0,VE2
Etag: "64b5564e-dfa3"
Content-Type: image/png
X-Styx-Req-Id: 5db35dbe-24b8-11ee-a986-d62557fe7b32
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Expires: Wed, 17 Jul 2024 15:41:15 GMT

GET
H/1.1 200
OK USB23-Norwalk-PersonalCheck_Header3.jpg
www.unionsavings.com/wp-content/uploads/2023/06/ 75 KB
76 KB 94ms
93ms Image
image/jpeg 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unionsavings.com/wp-content/uploads/2023/06/USB23-Norwalk-PersonalCheck_Header3.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

08b55db71add8860cc1c78511913a870219ac6ca621eb8e514966417f6ec9124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Cache-Hits: 4, 1, 1
Strict-Transport-Security: max-age=300
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Date: Wed, 23 Aug 2023 17:15:29 GMT
Age: 3192169
X-Cache: HIT, HIT, HIT
X-Pantheon-Styx-Hostname: styx-fe3-b-b6d899c9f-7fhgf
Connection: keep-alive
Content-Length: 76631
X-Served-By: cache-chi-klot8100093-CHI, cache-fra-etou8220104-FRA, cache-fra-eddf8230065-FRA
Last-Modified: Thu, 22 Jun 2023 13:24:47 GMT
Server: nginx
X-Timer: S1692810930.711445,VS0,VE74
Etag: "64944b9f-12b57"
Content-Type: image/jpeg
X-Styx-Req-Id: 0957e605-2485-11ee-bacb-b27ab2b63ea3
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Expires: Wed, 17 Jul 2024 09:33:50 GMT

GET
H/1.1 200
OK lhnchatbutton-current.min.js Show response
www.livehelpnow.net/lhn/widgets/chatbutton/ 8 KB
3 KB 407ms
125ms Script
application/javascript 184.106.10.72
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livehelpnow.net/lhn/widgets/chatbutton/lhnchatbutton-current.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

184.106.10.72 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

172f877ea8bcedabf8e15636930c01911b15c33656de8a24361992b600bdf07c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 17:15:29 GMT
Content-Encoding: gzip
Last-Modified: Sat, 31 Oct 2020 01:26:10 GMT
Server: Microsoft-IIS/8.0
ETag: "06528d024afd61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=900
Accept-Ranges: bytes
Content-Length: 2230
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min.js Show response
www.unionsavings.com/wp-includes/js/jquery/ 88 KB
36 KB 21ms
21ms Script
application/x-javascript 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionsavings.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Cache-Hits: 1, 1, 1
Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Date: Wed, 23 Aug 2023 17:15:29 GMT
Age: 1283485
X-Cache: HIT, HIT, HIT
X-Pantheon-Styx-Hostname: styx-fe3-b-698dff9f79-vp9zj
Connection: keep-alive
Content-Length: 36154
X-Served-By: cache-chi-klot8100098-CHI, cache-fra-etou8220043-FRA, cache-fra-eddf8230048-FRA
Last-Modified: Tue, 08 Aug 2023 05:57:14 GMT
Server: nginx
X-Timer: S1692810930.611360,VS0,VE2
Etag: W/"64d1d93a-15ed7"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Styx-Req-Id: 501342fd-362c-11ee-9113-b23f7a401ea8
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Expires: Thu, 08 Aug 2024 20:44:04 GMT

GET
H2 200 forms2.min.js Show response
info.unionsavings.com/js/forms2/js/ 208 KB
70 KB 501ms
177ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.unionsavings.com/js/forms2/js/forms2.min.js?ver=1.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
etag: "106040b-34099-60062cdee3780"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 7fb4ff78b9e66915-FRA

GET
H2

200

/ Show response
www.levelaccess.com/tenon-retiring-faqs/
Redirect Chain

https://tenon.io/api/monitor.js
https://www.levelaccess.com/tenon-retiring-faqs/

0
0

613ms
222ms

Script
text/html

54.205.127.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.levelaccess.com/tenon-retiring-faqs/
Requested by: Host: www.unionsavings.com
URL: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Protocol: H2
Server: 54.205.127.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-127-113.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Redirect headers

date: Wed, 23 Aug 2023 17:15:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGurnSaMbaYNaURj0gXC0r3a9pDpRU2TicszbaDcl%2BsGDU1EIAGsO%2F9ov2JoL%2BvqTGBM6HRy2hHeaO4wwVBi1tmwFOBvwrE0Yrd5bCCObGsAsUbMvTTJw2j3AYASAKHwZhJhRZTGnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.levelaccess.com:443/tenon-retiring-faqs/
cf-ray: 7fb4ff7728211c3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 134

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 87ms
19ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.unionsavings.com
URL: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:57:31 GMT
Content-Encoding: gzip
Via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 73079
ETag: W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: q1gyum518RaRXLc0qU_o6DnrTQEOQNtP28H5_dHdrLUWf5dMOek-Lw==

GET
H2 204 audiences
pixel37a2121c8ef1223.advangelists.com/v1/ 0
546 B 630ms
189ms Image
text/plain 35.160.11.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel37a2121c8ef1223.advangelists.com/v1/audiences?account_id=304&segment_key=37a2121c8ef1223&vars[advid]=1429

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.11.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-11-116.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:30 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
server: nginx/1.18.0
x-download-options: noopen
vary: origin,accept-encoding
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
x-frame-options: SAMEORIGIN
cache-control: no-cache
access-control-allow-headers: Authorization,Content-Type,If-None-Match
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK aggregated_9f597028081af36573948378830a1a04.js Show response
www.unionsavings.com/wp-content/uploads/resources/js/ 360 KB
119 KB 49ms
23ms Script
application/x-javascript 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionsavings.com/wp-content/uploads/resources/js/aggregated_9f597028081af36573948378830a1a04.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

faebc06f98e1486cbe5e31e86878c77d014ce974f2bbd92950b214d2f616f712

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Cache-Hits: 2, 0, 1
Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Date: Wed, 23 Aug 2023 17:15:29 GMT
Age: 1327220
X-Cache: HIT, MISS, HIT
X-Pantheon-Styx-Hostname: styx-fe3-a-5d95cf7965-6qqx8
Connection: keep-alive
Content-Length: 121146
X-Served-By: cache-chi-kigq8000100-CHI, cache-fra-eddf8230049-FRA, cache-fra-eddf8230048-FRA
Last-Modified: Mon, 07 Aug 2023 11:36:39 GMT
Server: nginx
X-Timer: S1692810930.736961,VS0,VE2
Etag: W/"64d0d747-59eee"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Styx-Req-Id: 7bd8db23-35c6-11ee-b315-52299d3611ab
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Expires: Thu, 08 Aug 2024 08:35:09 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.unionsavings.com/wp-includes/js/ 18 KB
6 KB 46ms
20ms Script
application/x-javascript 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unionsavings.com/wp-includes/js/wp-emoji-release.min.js?ver=21b0a3d7476625f8d610d221972f4762

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Cache-Hits: 1, 0, 1
Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Date: Wed, 23 Aug 2023 17:15:29 GMT
Age: 1108589
X-Cache: HIT, MISS, HIT
X-Pantheon-Styx-Hostname: styx-fe3-b-698dff9f79-zxg5j
Connection: keep-alive
Content-Length: 5842
X-Served-By: cache-chi-kigq8000173-CHI, cache-fra-etou8220023-FRA, cache-fra-eddf8230121-FRA
Last-Modified: Tue, 08 Aug 2023 22:00:10 GMT
Server: nginx
X-Timer: S1692810930.762270,VS0,VE1
Etag: W/"64d2baea-4904"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Styx-Req-Id: 8634bfd8-37c3-11ee-ba98-3295d72f9f2e
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Expires: Sat, 10 Aug 2024 21:19:00 GMT

GET
H/1.1 200
OK check-list-3.png
www.unionsavings.com/wp-content/themes/usb/assets/img/ 1 KB
2 KB 53ms
20ms Image
image/png 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unionsavings.com/wp-content/themes/usb/assets/img/check-list-3.png

Requested by

Host: www.unionsavings.com
URL: https://www.unionsavings.com/wp-content/uploads/resources/css/aggregated_d85bebe4970c422d30f6a86cdbb6fbf1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

05ad8ce91c8e57f220cdbbeca3571bbda5e2786168c204d096de989f021c8cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/wp-content/uploads/resources/css/aggregated_d85bebe4970c422d30f6a86cdbb6fbf1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Cache-Hits: 1, 1, 1
Strict-Transport-Security: max-age=300
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Date: Wed, 23 Aug 2023 17:15:29 GMT
Age: 1937240
X-Cache: HIT, HIT, HIT
X-Pantheon-Styx-Hostname: styx-fe3-b-6465bb9fcc-rtddz
Connection: keep-alive
Content-Length: 1423
X-Served-By: cache-chi-klot8100152-CHI, cache-fra-etou8220075-FRA, cache-fra-eddf8230037-FRA
Last-Modified: Sun, 30 Jul 2023 14:48:01 GMT
Server: nginx
X-Timer: S1692810930.755150,VS0,VE1
Etag: "64c67821-58f"
Content-Type: image/png
X-Styx-Req-Id: 2bacf9da-303a-11ee-9e67-8e83fc5cc5a3
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Expires: Thu, 01 Aug 2024 07:08:09 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 65ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i&subset=latin-ext&ver=21b0a3d7476625f8d610d221972f4762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.unionsavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 567403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:38:46 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 89ms
44ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.unionsavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:30:15 GMT
x-content-type-options: nosniff
age: 398714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:30:15 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 81ms
36ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.unionsavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:39:44 GMT
x-content-type-options: nosniff
age: 502545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 21:39:44 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 35ms
35ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 17:15:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 01 Dec 2023 17:15:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 15:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5466
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 17:44:23 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/941087067/ 3 KB
2 KB 107ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941087067/?random=1692810929905&cv=11&fst=1692810929905&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&auid=904067749.1692810930&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55dc1fd7ebb753178fa87c4b86b6f055552719b06252affd246fed942a600137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 112ms
34ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=65496
accept-ranges: bytes
content-length: 4862

GET
H2

200

activityi;dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o... Show response
11064197.fls.doubleclick.net/ Frame 976B
Redirect Chain

https://11064197.fls.doubleclick.net/activityi;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2...
https://11064197.fls.doubleclick.net/activityi;dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;ua...

1 KB
1 KB

125ms
125ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11064197.fls.doubleclick.net/activityi;dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

b80ed8d6b2ee27ffcaaff183dfd2391d8923141f50b1c00941a141948f096c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 723
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:15:30 GMT
expires: Wed, 23 Aug 2023 17:15:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:15:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11064197.fls.doubleclick.net/activityi;dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or... Show response
11064197.fls.doubleclick.net/ Frame 8D60
Redirect Chain

https://11064197.fls.doubleclick.net/activityi;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;...
https://11064197.fls.doubleclick.net/activityi;dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uam...

1 KB
1019 B

128ms
127ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11064197.fls.doubleclick.net/activityi;dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

44e8612270c01a272cde6dc9edd1462fe3c810ce9136f01d4e3573df0ab33f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 721
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:15:30 GMT
expires: Wed, 23 Aug 2023 17:15:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:15:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11064197.fls.doubleclick.net/activityi;dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10957493594/ 3 KB
2 KB 77ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10957493594/?random=1692810929920&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&label=FI0YCKehpLoYENqq-Ogo&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&value=0&bttype=purchase&auid=904067749.1692810930&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4a08a450cc09bbc03e043891938bd7e02b6ba8aab6cc07410afd32d1176962b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1786
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10957493594/ 3 KB
2 KB 93ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10957493594/?random=1692810929922&cv=11&fst=1692810929922&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&auid=904067749.1692810930&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f89367a5d16aae59f058e888ea074cd19830ea038f9d229a2c0fcca59900541f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11259060532/ 3 KB
2 KB 92ms
63ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11259060532/?random=1692810929923&cv=11&fst=1692810929923&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&auid=904067749.1692810930&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5542979318a6147a5a2e52c064d21a597e8883e0f27a895a9444f30dc5e927e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1473
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 57ms
18ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: email.unionsavings.com
URL: https://email.unionsavings.com/Mzk0LURVQS04ODIAAAGNwT4pf2B1S8A1bXm88dklQEclpBrjnrD82pCDIUXsz_xOJw5cOWsMQObZdceTWeeA36hYFwM=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 17:15:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: fwk5hTZQmzY8dqWYWCTm8ErXWnPJMbkqbq8Zp4pNcOFhM2Ty4glhh6VoZlAZ1mWO8pOppdGnkwd+qgvdnrjd1w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
89 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-50K9KLK55N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ3RCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0d930b4b957d7e8a732468212f0194025ff3837daf83037f21214fa4253bb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 17:15:29 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/11258359070/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11258359070/?random=1692810929923&cv=11&fst=1692810929923&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3...
https://www.google.com/pagead/1p-user-list/11258359070/?random=1692810929923&cv=11&fst=1692810000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsaving...
https://www.google.de/pagead/1p-user-list/11258359070/?random=1692810929923&cv=11&fst=1692810000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings...

42 B
108 B

31ms
31ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11258359070/?random=1692810929923&cv=11&fst=1692810000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&is_vtc=1&random=278517389&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/11258359070/?random=1692810929923&cv=11&fst=1692810000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&is_vtc=1&random=278517389&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
394-dua-882.mktoresp.com/webevents/ 2 B
318 B 721ms
109ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://394-dua-882.mktoresp.com/webevents/visitWebPage?_mchNc=1692810929934&_mchCn=&_mchId=394-DUA-882&_mchTk=_mch-unionsavings.com-1692810929934-97729&mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&_mchHo=www.unionsavings.com&_mchPo=&_mchRu=%2Fnorwalk-personal-checking-offer%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Femail.unionsavings.com%2F&_mchQp=mkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 17:15:30 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f41a4321-d990-479d-83c5-93ccf420d274

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 78ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-50K9KLK55N&gtm=45je38l0&_p=275350579&_gaz=1&cid=1161234901.1692810930&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692810930&sct=1&seg=0&dl=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&dr=https%3A%2F%2Femail.unionsavings.com%2F&dt=Norwalk%20Personal%20Checking%20Offer%20-%20USB&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50K9KLK55N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unionsavings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 83ms
28ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-50K9KLK55N&cid=1161234901.1692810930&gtm=45je38l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50K9KLK55N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unionsavings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 108ms
58ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-50K9KLK55N&cid=1161234901.1692810930&gtm=45je38l0&aip=1&z=360426880

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 27ms
27ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=275350579&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&dr=https%3A%2F%2Femail.unionsavings.com%2F&ul=en-us&de=UTF-8&dt=Norwalk%20Personal%20Checking%20Offer%20-%20USB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1745184499&gjid=768343426&cid=1161234901.1692810930&tid=UA-8953437-1&_gid=215071757.1692810930&_r=1&_slc=1&gtm=45He38l0n71WQ3RCJ&z=1823957508

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unionsavings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 135150050651159 Show response
connect.facebook.net/signals/config/ 91 KB
25 KB 199ms
198ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/135150050651159?v=2.9.124&r=stable&domain=www.unionsavings.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fe8c56cd4b72e75c76c1ccd7ff1010ab9506d232ff20226dd72ddc271509c98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: mN1t7W5H3hcVagH//FTp+mhXDurn1KcUoQliTJj3wM2Em2YCrLAc1X7BB4nSt4oEEmNx+Kyc73Em7h3TNwAwfA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/10957493594/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10957493594/?random=1533260972&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fww...
https://www.google.com/pagead/1p-conversion/10957493594/?random=1533260972&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2F...
https://www.google.de/pagead/1p-conversion/10957493594/?random=1533260972&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fn...

42 B
108 B

34ms
34ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10957493594/?random=1533260972&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&label=FI0YCKehpLoYENqq-Ogo&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&value=0&auid=904067749.1692810930&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEVJOE55V3B3WVFqY2FzNDkyRzNkYjNBUklsQUVjd3lzdjJGcjFKZUNQeUhKczhhZnhCMGEwaGdaekJLeUtleHBhVEU5MnhXeGhKS1EaWENoRUk4TnlXcHdZUXB0anUyb1M1OHRqSEFSSXRBRjdNMC1nZXpZdW5GMnNfVVREakxMN3ZGRlY2SFdoeEdISVd2OWhpbzNHMzlQWk1BMk5hTmJxczJXRnIiEwi745yRpPOAAxX4kP0HHdhSCaU&is_vtc=1&ocp_id=sT7mZPvGO_ih9u8P2KWlqAo&cid=CAQSKQBpAlJWvdZ3HDMMSO9TLJyJFsxAc0RhpO8UYcfDJ-mdbqhgv0B8yNc5&eitems=ChEI8NyWpwYQkNqIh_-69MK-ARIdAK090xQraaegFagiDhlnpSb4EPNBZS5ZDBG6yq8&random=567567620&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10957493594/?random=1533260972&cv=11&fst=1692810929920&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&label=FI0YCKehpLoYENqq-Ogo&hn=www.googleadservices.com&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&value=0&auid=904067749.1692810930&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEVJOE55V3B3WVFqY2FzNDkyRzNkYjNBUklsQUVjd3lzdjJGcjFKZUNQeUhKczhhZnhCMGEwaGdaekJLeUtleHBhVEU5MnhXeGhKS1EaWENoRUk4TnlXcHdZUXB0anUyb1M1OHRqSEFSSXRBRjdNMC1nZXpZdW5GMnNfVVREakxMN3ZGRlY2SFdoeEdISVd2OWhpbzNHMzlQWk1BMk5hTmJxczJXRnIiEwi745yRpPOAAxX4kP0HHdhSCaU&is_vtc=1&ocp_id=sT7mZPvGO_ih9u8P2KWlqAo&cid=CAQSKQBpAlJWvdZ3HDMMSO9TLJyJFsxAc0RhpO8UYcfDJ-mdbqhgv0B8yNc5&eitems=ChEI8NyWpwYQkNqIh_-69MK-ARIdAK090xQraaegFagiDhlnpSb4EPNBZS5ZDBG6yq8&random=567567620&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/941087067/ 42 B
108 B 62ms
36ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/941087067/?random=1692810929905&cv=11&fst=1692810000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&fmt=3&is_vtc=1&random=576723699&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/941087067/ 42 B
455 B 59ms
33ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/941087067/?random=1692810929905&cv=11&fst=1692810000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&fmt=3&is_vtc=1&random=576723699&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10957493594/ 42 B
108 B 57ms
32ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10957493594/?random=1692810929922&cv=11&fst=1692810000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&fmt=3&is_vtc=1&random=3594483098&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10957493594/ 42 B
108 B 33ms
32ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10957493594/?random=1692810929922&cv=11&fst=1692810000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&fmt=3&is_vtc=1&random=3594483098&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11259060532/ 42 B
108 B 34ms
33ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11259060532/?random=1692810929923&cv=11&fst=1692810000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&fmt=3&is_vtc=1&random=3442724366&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11259060532/ 42 B
108 B 33ms
33ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11259060532/?random=1692810929923&cv=11&fst=1692810000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&ref=https%3A%2F%2Femail.unionsavings.com%2F&frm=0&tiba=Norwalk%20Personal%20Checking%20Offer%20-%20USB&fmt=3&is_vtc=1&random=3442724366&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4393001/domain/unionsavings.com/ 36 B
366 B 211ms
168ms XHR
application/json 2600:9000:20eb:a000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4393001/domain/unionsavings.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:30 GMT
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 5m-hdRa9PeB5gs4StA_Oy8hb5i_Y6o71_0gZyo5nBSheQUkvGhm8vw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOa...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4393001%26time%3D1692810930059%26url%3Dhttps%253A%252F%252Fwww.unionsavings.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOa...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJO...

0
265 B

184ms
122ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&cookiesTest=true&liSync=true&e_ipv6=AQK-x7PlwNPkqwAAAYojZOmuY-u-72OxYD5pSduJDrigsx5tzSxe8Y6pUUuRx7xNRwfruVPDrK2W
Requested by: Host: www.unionsavings.com
URL: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:30 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4556F48A7B4444199D51A197930FC3F7 Ref B: DUS30EDGE0722 Ref C: 2023-08-23T17:15:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDmkIzeIs2CaGfFt53Pg==

Redirect headers

date: Wed, 23 Aug 2023 17:15:29 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 58947DCE810F4D81A020D13529CE7236 Ref B: FRAEDGE1521 Ref C: 2023-08-23T17:15:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4393001&time=1692810930059&url=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&cookiesTest=true&liSync=true&e_ipv6=AQK-x7PlwNPkqwAAAYojZOmuY-u-72OxYD5pSduJDrigsx5tzSxe8Y6pUUuRx7xNRwfruVPDrK2W
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDmkIwnSJQyfOCw6GW4g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 42ms
27ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8953437-1&cid=1161234901.1692810930&jid=1745184499&gjid=768343426&_gid=215071757.1692810930&_u=YADAAEAAAAAAACAAI~&z=703672280

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Aug 2023 17:15:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unionsavings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=*;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsa...
adservice.google.com/ddm/fls/z/ Frame 976B 42 B
401 B 165ms
119ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=*;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2

Requested by

Host: 11064197.fls.doubleclick.net
URL: https://11064197.fls.doubleclick.net/activityi;dc_pre=CP6PoZGk84ADFVNYDQodObUJwg;src=11064197;type=usbpe0;cat=usbpe00b;ord=9744109978824;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11064197.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 93ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 23 Aug 2023 17:15:29 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4A7475A0E6D44ACCA61EE0A5C9472576 Ref B: FRA31EDGE0509 Ref C: 2023-08-23T17:15:30Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 976B 18 KB
7 KB 97ms
29ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11064197.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:17 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: QMVSHRHGQQS7P2HA
age: 14
x-amz-server-side-encryption: AES256
x-amz-id-2: 7oOBYWnBLtCYCbjSGJV0E4wtABwVoLJpqaY0I4WXa3UEd78Mfoxgryz51ntnASkEhOQORj6R/RpwBcZSz2Iz7Apz+F+El2iSVeX2DS6PxFQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=*;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsav...
adservice.google.com/ddm/fls/z/ Frame 8D60 42 B
107 B 149ms
119ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=*;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2

Requested by

Host: 11064197.fls.doubleclick.net
URL: https://11064197.fls.doubleclick.net/activityi;dc_pre=CMSUoZGk84ADFVcSaAgdyaUHCg;src=11064197;type=usbpe0;cat=usbpe006;ord=805450555914;auiddc=904067749.1692810930;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11064197.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 8D60 18 KB
6 KB 145ms
85ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11064197.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:17 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: QMVSHRHGQQS7P2HA
age: 14
x-amz-server-side-encryption: AES256
x-amz-id-2: 7oOBYWnBLtCYCbjSGJV0E4wtABwVoLJpqaY0I4WXa3UEd78Mfoxgryz51ntnASkEhOQORj6R/RpwBcZSz2Iz7Apz+F+El2iSVeX2DS6PxFQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H3 200 2792622811039837 Show response
connect.facebook.net/signals/config/ 137 KB
36 KB 91ms
91ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2792622811039837?v=2.9.124&r=stable&domain=www.unionsavings.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

094b7a3c8985fad6f9dd6d4ce98f9f1e62b8c3a72d25fda42e728c371aec8788

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: uXQTUzis4rfdShZEAdzJkyQeEOyzRc2/h4fLIB+5kIIO5DVNvg22vyqkWnbqtHBt+9BlPK9QFlwy/uZahrYxsg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 57ms
18ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=135150050651159&ev=PageView&dl=https%3A%2F%2Fwww.unionsavings.com&rl=https%3A%2F%2Femail.unionsavings.com&if=false&ts=1692810930277&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=28&fbp=fb.1.1692810930274.390853369&pm=1&hrl=90ba7a&it=1692810930049&coo=false&cs_cc=1&cas=3972294562817128%2C2397008190336376%2C1629969420465227&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 6025274.js Show response
bat.bing.com/p/action/ 0
118 B 45ms
45ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/6025274.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 23 Aug 2023 17:15:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2564E95893E04FF2A3C27FB278A8D1FF Ref B: FRA31EDGE0509 Ref C: 2023-08-23T17:15:30Z
x-cache: CONFIG_NOCACHE

GET
H2 200 10198515.json Show response
s.yimg.com/wi/config/ Frame 976B 2 B
486 B 468ms
417ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10198515.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11064197.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9EJ71Z7BYH0GRSJM
age: 0
content-length: 22
x-amz-id-2: 7yEEfWo6tRZlYTT58VZBMqI8XZYaKxRwcxC9m/GiVn41c0r8vhQgRU6WDJAO2Zm2dd/+osEzQUU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H3 200 1976637179257688 Show response
connect.facebook.net/signals/config/ 384 KB
109 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1976637179257688?v=2.9.124&r=stable&domain=www.unionsavings.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fb9eaf2e00d42e7bce1fa250574281d02ffbb2be502de1f70f0a48ddd211e54

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 8lvBhiEDaJU1vJdJmsZOsBzi0dkZLOcdToBZ6LWE2fnvq68ff3l9tDln1ixLtRO1RrRYw+6i/k5NdA2CbTnLcQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 19ms
18ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2792622811039837&ev=ViewContent&dl=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&rl=https%3A%2F%2Femail.unionsavings.com%2F&if=false&ts=1692810930416&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692810930274.390853369&cs_est=true&est_source=1018593442485311&it=1692810930049&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 19ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2792622811039837&ev=PageView&dl=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&rl=https%3A%2F%2Femail.unionsavings.com%2F&if=false&ts=1692810930416&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692810930274.390853369&cs_est=true&it=1692810930049&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 10198515.json Show response
s.yimg.com/wi/config/ Frame 8D60 2 B
90 B 446ms
437ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10198515.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11064197.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:15:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 9EJ71Z7BYH0GRSJM
age: 0
content-length: 2
x-amz-id-2: 7yEEfWo6tRZlYTT58VZBMqI8XZYaKxRwcxC9m/GiVn41c0r8vhQgRU6WDJAO2Zm2dd/+osEzQUU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H3 200 /
www.facebook.com/tr/ 0
17 B 20ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1976637179257688&ev=PageView&dl=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&rl=https%3A%2F%2Femail.unionsavings.com%2F&if=false&ts=1692810930531&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692810930274.390853369&cs_est=true&it=1692810930049&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/afk5uvc/8fxx12e/ Frame 45AD
Redirect Chain

https://insight.adsrvr.org/tags/afk5uvc/8fxx12e/iframe
https://d1eoo1tco6rr5e.cloudfront.net/afk5uvc/8fxx12e/iframe

138 B
667 B

120ms
36ms

Document
text/html

18.65.33.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/afk5uvc/8fxx12e/iframe
Requested by: Host: www.unionsavings.com
URL: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.33.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-33-149.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b9733a87bae1b57b2a351e2570aa3a5529d17095f9f73bf6074fabfe66321f5

Request headers

Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 30912
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Wed, 23 Aug 2023 08:40:20 GMT
ETag: "ff2305d2c9b155ec3e4b124306bf079d"
Last-Modified: Fri, 01 Oct 2021 23:56:30 GMT
Server: AmazonS3
Via: 1.1 74511018c757716e70d811d8214e45e0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: B0n6JdVf4NIqcPk5i4ED6HP-uk-ayGOdrJthYxFdzHUAYV_rOchA8Q==
X-Amz-Cf-Pop: AMS1-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 17:15:30 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/afk5uvc/8fxx12e/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 526821071747014 Show response
connect.facebook.net/signals/config/ 389 KB
110 KB 100ms
99ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/526821071747014?v=2.9.124&r=stable&domain=www.unionsavings.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59de0191eccd0f2f9130ae2ce52272ce27bf5b4e9be276c2badf66ea1dcf3e92

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: CKQ4kJPIm3Lh3IvhNrNTZXJMqj4cXj1fmwNsAGwvZjHWvdokSe55TIFrG9p80qdfzMQeGEsofJUt0xsItLBrtw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK arrow-down.jpg
www.unionsavings.com/wp-content/themes/usb/assets/img/ 2 KB
3 KB 21ms
21ms Image
image/jpeg 151.101.193.223
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unionsavings.com/wp-content/themes/usb/assets/img/arrow-down.jpg

Requested by

Host: www.unionsavings.com
URL: https://www.unionsavings.com/wp-content/uploads/resources/css/aggregated_d85bebe4970c422d30f6a86cdbb6fbf1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.223 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

60feb2b945f78cc3aee110077cdc628a9e2ba4ac833c9824b4f534c7a2e4118c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/wp-content/uploads/resources/css/aggregated_d85bebe4970c422d30f6a86cdbb6fbf1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Cache-Hits: 1, 0, 1
Strict-Transport-Security: max-age=300
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Date: Wed, 23 Aug 2023 17:15:30 GMT
Age: 1584066
X-Cache: HIT, MISS, HIT
X-Pantheon-Styx-Hostname: styx-fe3-b-698dff9f79-pck8f
Connection: keep-alive
Content-Length: 1959
X-Served-By: cache-chi-kigq8000137-CHI, cache-fra-etou8220105-FRA, cache-fra-eddf8230065-FRA
Last-Modified: Thu, 03 Aug 2023 19:44:53 GMT
Server: nginx
X-Timer: S1692810931.814344,VS0,VE1
Etag: "64cc03b5-7a7"
Content-Type: image/jpeg
X-Styx-Req-Id: 78f94108-3370-11ee-b9d4-4665a4d64689
Cache-Control: max-age=31622400
Accept-Ranges: bytes
Expires: Mon, 05 Aug 2024 09:14:25 GMT

GET
H2 204 0
bat.bing.com/action/ 0
286 B 45ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=6025274&Ver=2&mid=ff445485-b675-4afd-bfca-f1a99a4c9ccc&sid=a98ba74041d811eeaf393931963c6434&vid=a98bc5b041d811ee884829e00cf0bf04&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Norwalk%20Personal%20Checking%20Offer%20-%20USB&p=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&r=https%3A%2F%2Femail.unionsavings.com%2F&lt=4206&evt=pageLoad&sv=1&rn=691009

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Aug 2023 17:15:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E163676BA59F4F07A1E449D216FC19B3 Ref B: FRA31EDGE0509 Ref C: 2023-08-23T17:15:30Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 976B 43 B
246 B 152ms
49ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2023%20Aug%202023%2017%3A15%3A30%20GMT&n=-2d&.yp=10198515&f=https%3A%2F%2F11064197.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCP6PoZGk84ADFVNYDQodObUJwg%3Bsrc%3D11064197%3Btype%3Dusbpe0%3Bcat%3Dusbpe00b%3Bord%3D9744109978824%3Bauiddc%3D904067749.1692810930%3Bgtm%3D45He38l0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.unionsavings.com%252Fnorwalk-personal-checking-offer%252F%253Fmkt_tok%253DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2%3F&e=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&enc=UTF-8&yv=1.15.1&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11064197.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Aug 2023 17:15:30 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 8D60 43 B
633 B 132ms
48ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2023%20Aug%202023%2017%3A15%3A30%20GMT&n=-2d&.yp=10198515&f=https%3A%2F%2F11064197.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMSUoZGk84ADFVcSaAgdyaUHCg%3Bsrc%3D11064197%3Btype%3Dusbpe0%3Bcat%3Dusbpe006%3Bord%3D805450555914%3Bauiddc%3D904067749.1692810930%3Bgtm%3D45He38l0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.unionsavings.com%252Fnorwalk-personal-checking-offer%252F%253Fmkt_tok%253DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2%3F&e=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&enc=UTF-8&yv=1.15.1&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11064197.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 17:15:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Aug 2023 17:15:30 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=526821071747014&ev=PageView&dl=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&rl=https%3A%2F%2Femail.unionsavings.com%2F&if=false&ts=1692810930898&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692810930274.390853369&cs_est=true&it=1692810930049&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Aug 2023 17:15:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 35B7 0
15 B 21ms
21ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.unionsavings.com
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.unionsavings.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:15:30 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9CC3 0
15 B 20ms
20ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.unionsavings.com
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.unionsavings.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:15:31 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 45AD 70 B
260 B 46ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=afk5uvc&ct=0:8fxx12e&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/afk5uvc/8fxx12e/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 17:15:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 nr-rum.3709cb75-1.238.0.min.js Show response
js-agent.newrelic.com/ 43 KB
15 KB 68ms
27ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum.3709cb75-1.238.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

626b55eec0c819bcc0e797faccf7393babe486645f1860673218e9aaa0697f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: 6NYP7CC916llrFhVilA2_41lRSPLl92y
content-encoding: br
via: 1.1 varnish
date: Wed, 23 Aug 2023 17:15:31 GMT
strict-transport-security: max-age=300
x-amz-request-id: TPCRECRJAFCMJ7JE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15279
x-amz-id-2: 0QPeM0AxW+Sxs+wyMcXqg3rsMVzEZyWDdqQgivBOFuzNgb7PxMOg9AoFHabipfQlKfxZSJ0o9JM=
x-served-by: cache-fra-eddf8230135-FRA
last-modified: Wed, 16 Aug 2023 21:40:47 GMT
server: AmazonS3
x-timer: S1692810931.150219,VS0,VE0
etag: "f59a391a3f3bdc521e37f4984b33bf21"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1020

GET
H/1.1 200
OK livehelpnow.min.aspx Show response
www.livehelpnow.net/lhn/scripts/ 23 KB
9 KB 129ms
129ms Script
text/javascript 184.106.10.72
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livehelpnow.net/lhn/scripts/livehelpnow.min.aspx?lhnid=22783&iv=0&ivid=0&d=0&ver=5.3&rnd=0.6373251299706706

Requested by

Host: www.livehelpnow.net
URL: https://www.livehelpnow.net/lhn/widgets/chatbutton/lhnchatbutton-current.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

184.106.10.72 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

e2f52d46c8241a1390ec016f1f5f34a80f352c53e745bee079fbfbcd2272d3fc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 17:15:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Content-Length: 8515
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 464C 0
181 B 47ms
46ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=lqfgv3j&ref=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&upid=rr58d04&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 23 Aug 2023 17:15:31 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=275350579&t=timing&_s=2&dl=https%3A%2F%2Fwww.unionsavings.com%2Fnorwalk-personal-checking-offer%2F%3Fmkt_tok%3DMzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2&dr=https%3A%2F%2Femail.unionsavings.com%2F&ul=en-us&de=UTF-8&dt=Norwalk%20Personal%20Checking%20Offer%20-%20USB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4501&pdt=19&dns=0&rrt=1&srt=2450&tcp=50&dit=4188&clt=4198&_gst=3308&_gbt=3436&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=1161234901.1692810930&tid=UA-8953437-1&_gid=215071757.1692810930&gtm=45He38l0n71WQ3RCJ&z=1380546873

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 22:13:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68541
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 29ff1dbe47 Show response
bam.nr-data.net/1/ 40 B
410 B 292ms
225ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/29ff1dbe47?a=73355005&v=1.238.0&to=NlZTN0ZZWBcAUhIIXA8ccABAUVkKTkEDE0AOXVAP&rst=4583&ck=0&s=6afcdd89dd1ef0b1&ref=https://www.unionsavings.com/norwalk-personal-checking-offer/&ap=2024&be=2753&fe=1753&dc=1453&at=GhFQQQ5DSxk%3D&perf=%7B%22timing%22:%7B%22of%22:1692810926595,%22n%22:0,%22f%22:0,%22dn%22:252,%22dne%22:252,%22c%22:252,%22s%22:272,%22ce%22:303,%22rq%22:303,%22rp%22:2753,%22rpe%22:2771,%22di%22:4188,%22ds%22:4198,%22de%22:4206,%22dc%22:4501,%22l%22:4501,%22le%22:4506%7D,%22navigation%22:%7B%7D%7D&fp=3153&fcp=3153
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum.3709cb75-1.238.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 23 Aug 2023 17:15:31 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.unionsavings.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230074-FRA

GET
H/1.1

200
OK

22783-on-G86RF25HQ4.png
cdn.livehelpnow.net/clients/22783/
Redirect Chain

https://www.livehelpnow.net/lhn/functions/imageserver.ashx?lhnid=22783&java=No&zimg=7865&sres=1600x1200&sdepth=24&custom1=&custom2=&custom3=&t=t&d=0&rnd=0.5057986437361877&ck=true&referrer=https%3A...
https://www.livehelpnow.net/clients/22783/22783-on-G86RF25HQ4.png
https://cdn.livehelpnow.net/clients/22783/22783-on-G86RF25HQ4.png

29 KB
29 KB

223ms
19ms

Image
image/png

108.138.17.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livehelpnow.net/clients/22783/22783-on-G86RF25HQ4.png
Protocol: HTTP/1.1
Server: 108.138.17.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cfd09fe6cb9d293c9da6bc0e15d1137be130c6768a7a786455ddd39837d29b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 13:16:22 GMT
Via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Nov 2017 22:15:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 14350
ETag: "071ac405d7293ad4c42a666bb50d2ea6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29335
X-Amz-Cf-Id: AH9M8GLqjACVSnZk2uI2fV4hGFbvLBffnXJQiyNJpNlFKxQdRpISiw==

Redirect headers

Location: https://cdn.livehelpnow.net/clients/22783/22783-on-G86RF25HQ4.png
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7130 0
15 B 20ms
20ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.unionsavings.com
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.unionsavings.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:15:31 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK getinvitationmessage.aspx Show response
www.livehelpnow.net/lhn/jsutil/ 0
190 B 127ms
127ms Script
text/javascript 184.106.10.72
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livehelpnow.net/lhn/jsutil/getinvitationmessage.aspx?ip=217.114.218.23&lhnid=22783&za_id=v34130804414561533

Requested by

Host: www.livehelpnow.net
URL: https://www.livehelpnow.net/lhn/scripts/livehelpnow.min.aspx?lhnid=22783&iv=0&ivid=0&d=0&ver=5.3&rnd=0.6373251299706706

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

184.106.10.72 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unionsavings.com/norwalk-personal-checking-offer/?mkt_tok=Mzk0LURVQS04ODIAAAGNwT4pfxswJOasbKruY0Bo4lN_j3NOff7r240H7Qv_Sc8FIU0D9A-l32FAkNjYqK3vYpB9XACEJVhUrPwinfAGpODJsr7V7bif4WJUB9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 17:15:33 GMT
Cache-Control: private
Server: Microsoft-IIS/8.0
Content-Length: 0
X-Xss-Protection: 1; mode=block
Content-Type: text/javascript

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.email.unionsavings.com/	1970-01-20 14:13:32	Name: __cf_bm Value: MnvGeuKJmEpsS7PkXiiIfidQlBWIYjjiHTvgH9iDtR8-1692810926-0-AWPKWaZFLnfSfOV0fzZ4lErkEt9TAWfTN6lQzkjDakpvqPvpGYUa1aV+nvUfQE8onQf109olH4/z8hqrQAPHsAY=
.unionsavings.com/	1970-01-20 16:23:06	Name: _gcl_au Value: 1.1.904067749.1692810930
.unionsavings.com/	1970-01-20 23:49:30	Name: _mkto_trk Value: id:394-DUA-882&token:_mch-unionsavings.com-1692810929934-97729
.unionsavings.com/	1970-01-20 23:49:30	Name: _ga_50K9KLK55N Value: GS1.1.1692810930.1.0.1692810930.60.0.0
.unionsavings.com/	1970-01-20 23:49:30	Name: _ga Value: GA1.2.1161234901.1692810930
.unionsavings.com/	1970-01-20 14:14:57	Name: _gid Value: GA1.2.215071757.1692810930
.unionsavings.com/	1970-01-20 14:13:30	Name: _gat_UA-8953437-1 Value: 1
info.unionsavings.com/	1969-12-31 23:59:59	Name: BIGipServerab47web-nginx-app_https Value: !e5QSlQsYU32jk+WkCIQPm+cqSAXSEa8s2l3lISpeC2g0o/I8LPhqWRq3X759Wce4byxWj/yhrvmxVQ==
.info.unionsavings.com/	1970-01-20 14:13:32	Name: __cf_bm Value: GOWAq1.UfhVoGMNYLjZmJjx70QqgIHgH7kJkd1jJ.z0-1692810930-0-ASasBDMbMl70msmFUoVsaUICdWG50bNN60kHHlD1FmWUVBLQ5yXr9u4PqdQMGRGomtM4X3W/LPiZ3qMAHngT1qM=
.doubleclick.net/	1970-01-20 23:35:06	Name: IDE Value: AHWqTUm3oPRUKGHtCfU6yiGriKPI_UNZd6s-8lf7KmOFpFzZoPOwEQWKC8POhokVTgQ
.linkedin.com/	1970-01-20 16:23:06	Name: li_sugr Value: 9c338c67-d358-4e0a-9a2f-02f0dd93e9af
.linkedin.com/	1970-01-20 22:59:06	Name: bcookie Value: "v=2&49fe3e8b-5fc9-4bac-8c5f-9008d5f44ea0"
.linkedin.com/	1970-01-20 14:14:57	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2941:u=1:x=1:i=1692810930:t=1692897330:v=2:sig=AQFMFHEBeFS8wH0dd-a-ubZw-5XCbJVO"
.unionsavings.com/	1970-01-20 16:23:06	Name: _fbp Value: fb.1.1692810930274.390853369
www.unionsavings.com/	1970-01-20 14:14:57	Name: ln_or Value: eyI0MzkzMDAxIjoiZCJ9
.linkedin.com/	1970-01-20 14:56:42	Name: UserMatchHistory Value: AQL2gas5Fzfq9wAAAYojZOislIFL5V1xLxGGYX9moPViWislqyaFi2EaJ2cy5I0MxinvJzu1RvnmdQ
.linkedin.com/	1970-01-20 14:56:42	Name: AnalyticsSyncHistory Value: AQJjTP18FwjNEwAAAYojZOis1sHoIG1PAHp4dSDbW6U9ZyZuQHKfGWW6qS6iC8GVf9gSW4xj-XYGMijAuIL3dg
.www.linkedin.com/	1970-01-20 22:59:06	Name: bscookie Value: "v=1&20230823171530c82a81c3-9679-40fe-8293-4fbb02c35ad9AQEiGE20JVXXYTQ3GJ833RuqHEzVoC9B"
.linkedin.com/	1970-01-20 18:32:42	Name: li_gc Value: MTswOzE2OTI4MTA5MzA7MjswMjG0Z0wI1pFShoF0y4+8i/XkrGHicokb8rTlkTjkXOJoDg==
.unionsavings.com/	1970-01-20 14:14:57	Name: _uetsid Value: a98ba74041d811eeaf393931963c6434
.unionsavings.com/	1970-01-20 23:35:06	Name: _uetvid Value: a98bc5b041d811ee884829e00cf0bf04
.bing.com/	1970-01-20 23:35:06	Name: MUID Value: 3DCA790D2AB9669B2C2A6A7B2B3267E3
.yahoo.com/	1970-01-20 22:59:28	Name: A3 Value: d=AQABBLI-5mQCEIJt5HJN5bILf2SqIh-di2gFEgEBAQGQ52TwZOAXyiMA_eMAAA&S=AQAAAllBmj4IJHTzM7bbjRTEm9o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-NsnWdQNsf6v1+SPnX+7kfc4JqdQE7imP4q+/AmdxnPc=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11064197.fls.doubleclick.net
394-dua-882.mktoresp.com
adservice.google.com
bam.nr-data.net
bat.bing.com
cdn.linkedin.oribi.io
cdn.livehelpnow.net
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
email.unionsavings.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
info.unionsavings.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
munchkin.marketo.net
pixel37a2121c8ef1223.advangelists.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.yimg.com
snap.licdn.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
tenon.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.levelaccess.com
www.linkedin.com
www.livehelpnow.net
www.unionsavings.com
104.102.38.132
104.17.71.206
104.17.72.206
108.138.15.119
108.138.17.12
13.107.42.14
142.250.186.130
15.197.193.217
151.101.193.223
151.101.194.137
162.247.243.29
172.217.16.198
18.65.33.149
184.106.10.72
192.28.144.124
2001:4860:4802:34::36
212.82.100.181
2600:9000:20eb:a000:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2004
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:400c:c07::9a
2a02:26f0:3500:16::215:148d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
35.160.11.116
54.205.127.113
05ad8ce91c8e57f220cdbbeca3571bbda5e2786168c204d096de989f021c8cff
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
08b55db71add8860cc1c78511913a870219ac6ca621eb8e514966417f6ec9124
094b7a3c8985fad6f9dd6d4ce98f9f1e62b8c3a72d25fda42e728c371aec8788
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10633aa7e5332c8d335f5c314d627898544e825ea7e78f2b8a8856fc70bbdccf
172f877ea8bcedabf8e15636930c01911b15c33656de8a24361992b600bdf07c
1c4f1dcf05670290568ddec305d3b099308c7f5f5542cdec5e288ff1caac7dce
22fb42a219c70a051b6d308c6f8cd7d09d47d4601dd9f7a54432ea614a1156f9
2cfd09fe6cb9d293c9da6bc0e15d1137be130c6768a7a786455ddd39837d29b2
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e8612270c01a272cde6dc9edd1462fe3c810ce9136f01d4e3573df0ab33f02
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4a08a450cc09bbc03e043891938bd7e02b6ba8aab6cc07410afd32d1176962b0
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe8c56cd4b72e75c76c1ccd7ff1010ab9506d232ff20226dd72ddc271509c98
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5542979318a6147a5a2e52c064d21a597e8883e0f27a895a9444f30dc5e927e9
55dc1fd7ebb753178fa87c4b86b6f055552719b06252affd246fed942a600137
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59bbc732a3046509ce5a185364854c02581c40b3a2c733bf717ae450c4101b3e
59de0191eccd0f2f9130ae2ce52272ce27bf5b4e9be276c2badf66ea1dcf3e92
60feb2b945f78cc3aee110077cdc628a9e2ba4ac833c9824b4f534c7a2e4118c
626b55eec0c819bcc0e797faccf7393babe486645f1860673218e9aaa0697f4b
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b9733a87bae1b57b2a351e2570aa3a5529d17095f9f73bf6074fabfe66321f5
7fb9eaf2e00d42e7bce1fa250574281d02ffbb2be502de1f70f0a48ddd211e54
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d5396214368208035b393fa624bf30f36aef496b7bb0ba34527b86f7340087
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b80ed8d6b2ee27ffcaaff183dfd2391d8923141f50b1c00941a141948f096c35
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d0d930b4b957d7e8a732468212f0194025ff3837daf83037f21214fa4253bb86
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2f52d46c8241a1390ec016f1f5f34a80f352c53e745bee079fbfbcd2272d3fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424
f89367a5d16aae59f058e888ea074cd19830ea038f9d229a2c0fcca59900541f
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
faebc06f98e1486cbe5e31e86878c77d014ce974f2bbd92950b214d2f616f712

www.unionsavings.com Open in urlscan Pro 151.101.193.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

94 %HTTPS

50 %IPv6

27 Domains

37 Subdomains

34 IPs

6 Countries

1369 kBTransfer

4933 kBSize

23 Cookies

10 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.unionsavings.com Open in urlscan Pro
151.101.193.223 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

94 %
HTTPS

50 %
IPv6

27
Domains

37
Subdomains

34
IPs

6
Countries

1369 kB
Transfer

4933 kB
Size

23
Cookies

80 HTTP transactions
0 data transactions