auth.westerncentralnyaaa.com Open in urlscan Pro
2606:4700:10::ac43:199b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u3815863.ct.sendgrid.net/ls/click?upn=TMRXcSRAvI1Wy-2BxGqok1piv7ooOfzqz7Kc5-2BbpRkLJO3kz1JfBmWjJmIvGEU73n4xARlUFWgVaybQCf...
Effective URL:
https://auth.westerncentralnyaaa.com/membership/member-login
Submission: On July 14 via manual (July 14th 2021, 3:06:44 pm UTC) from US

Summary HTTP 247 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 56 domains to perform 247 HTTP transactions. The main IP is 2606:4700:10::ac43:199b, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.westerncentralnyaaa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time auth.westerncentralnyaaa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.54 167.89.115.54	11377 (SENDGRID) (SENDGRID)
1 1	104.43.221.31 104.43.221.31	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	69.164.216.23 69.164.216.23	63949 (LINODE-AP...) (LINODE-AP Linode)
1 65	2606:4700:10:... 2606:4700:10::ac43:199b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:1b:... 2a04:4e42:1b::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	209.82.215.211 209.82.215.211	12090 (NET-AAA) (NET-AAA)
19	45.60.150.98 45.60.150.98	19551 (INCAPSULA) (INCAPSULA)
7	2606:4700:20:... 2606:4700:20::681a:5d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	52.212.101.97 52.212.101.97	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.96.61 13.224.96.61	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
1	104.18.8.110 104.18.8.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.128.38.37 108.128.38.37	16509 (AMAZON-02) (AMAZON-02)
1	52.17.54.18 52.17.54.18	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	34.255.166.243 34.255.166.243	16509 (AMAZON-02) (AMAZON-02)
1	34.251.77.56 34.251.77.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 17	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.96.67 13.224.96.67	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1 1	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	3.125.99.7 3.125.99.7	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
1	2606:4700::68... 2606:4700::6812:b4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.96.92 13.224.96.92	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	34.117.4.53 34.117.4.53	15169 (GOOGLE) (GOOGLE)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.88.20.118 54.88.20.118	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	13.224.96.7 13.224.96.7	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	34.251.173.19 34.251.173.19	16509 (AMAZON-02) (AMAZON-02)
2 2	52.30.92.119 52.30.92.119	16509 (AMAZON-02) (AMAZON-02)
1 1	54.209.16.83 54.209.16.83	14618 (AMAZON-AES) (AMAZON-AES)
247	55

1 167.89.115.54 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net

u3815863.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.43.221.31 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aaa-cf.coinflip.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.164.216.23 (Cedar Knolls, United States) 3 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

info.westerncentralny.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.westerncentralny.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2606:4700:10::ac43:199b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.westerncentralnyaaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 209.82.215.211 (United States)

ASN12090 (NET-AAA, US)

www.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 45.60.150.98 (United States)

ASN19551 (INCAPSULA, US)

westerncentralny.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:5d7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ometrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ochatbot.ometrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.212.101.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-61.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.110 (United States)

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.38.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

audiology-149-adswizz.attribution.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.54.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aaanortheast.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

mcdmetrics.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.166.243 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.77.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-77-56.eu-west-1.compute.amazonaws.com

mcdmetrics2.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-67.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.226 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.99.7 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b4f (United States)

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-92.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.4.53 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 53.4.117.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.20.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

usersync.videoamp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.7 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-7.zrh50.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.137.92 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.91 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.173.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.92.119 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.16.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	westerncentralnyaaa.com 1 redirects auth.westerncentralnyaaa.com	135 KB
32	aaa.com 3 redirects info.westerncentralny.aaa.com www.aaa.com westerncentralny.aaa.com mcdmetrics.aaa.com mcdmetrics2.aaa.com auth.westerncentralny.aaa.com	477 KB
18	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	16 KB
17	google.de www.google.de	1 KB
17	google.com 1 redirects www.google.com	1 KB
15	demdex.net dpm.demdex.net aaanortheast.demdex.net	18 KB
12	facebook.com www.facebook.com	1 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
9	facebook.net connect.facebook.net	309 KB
7	ometrics.com www.ometrics.com ochatbot.ometrics.com	87 KB
6	adobedtm.com assets.adobedtm.com	102 KB
5	google-analytics.com www.google-analytics.com	40 KB
5	googletagmanager.com www.googletagmanager.com	256 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	111 KB
3	hubspot.com api.hubspot.com forms.hubspot.com	2 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	bounceexchange.com assets.bounceexchange.com api.bounceexchange.com	116 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
3	bing.com bat.bing.com	9 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	googleadservices.com www.googleadservices.com	29 KB
3	jsdelivr.net cdn.jsdelivr.net	41 KB
2	bidr.io 2 redirects match.prod.bidr.io	1020 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	468 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	scorecardresearch.com 2 redirects ads.scorecardresearch.com	796 B
2	eyeota.net 2 redirects ps.eyeota.net	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	935 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	582 B
1	gumgum.com 1 redirects g2.gumgum.com	290 B
1	pubmatic.com image2.pubmatic.com	543 B
1	hubapi.com api.hubapi.com	993 B
1	rubiconproject.com pixel.rubiconproject.com	755 B
1	hs-banner.com js.hs-banner.com	15 KB
1	hsleadflows.net js.hsleadflows.net	80 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	usemessages.com js.usemessages.com	20 KB
1	videoamp.com usersync.videoamp.com	79 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	972 B
1	hs-scripts.com js.hs-scripts.com	1 KB
1	media6degrees.com idpix.media6degrees.com	278 B
1	turn.com 1 redirects d.turn.com	402 B
1	mathtag.com 1 redirects sync.mathtag.com	640 B
1	adswizz.com audiology-149-adswizz.attribution.adswizz.com	134 B
1	reson8.com ds.reson8.com	169 B
1	wknd.ai tag.wknd.ai	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	googleapis.com fonts.googleapis.com	960 B
1	coinflip.network 1 redirects aaa-cf.coinflip.network	162 B
1	sendgrid.net 1 redirects u3815863.ct.sendgrid.net	247 B
247	56

	Domain	Requested by
65	auth.westerncentralnyaaa.com	1 redirects auth.westerncentralnyaaa.com ajax.cloudflare.com westerncentralny.aaa.com static.cloudflareinsights.com
19	westerncentralny.aaa.com	ajax.cloudflare.com westerncentralny.aaa.com
17	www.google.de
17	www.google.com	1 redirects
15	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
14	dpm.demdex.net	assets.adobedtm.com
12	www.facebook.com
9	connect.facebook.net	auth.westerncentralnyaaa.com connect.facebook.net
8	sync-tm.everesttech.net	8 redirects
7	www.aaa.com	ajax.cloudflare.com westerncentralny.aaa.com
6	assets.adobedtm.com	ajax.cloudflare.com assets.adobedtm.com
6	www.ometrics.com	ajax.cloudflare.com www.ometrics.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagmanager.com	auth.westerncentralnyaaa.com www.googletagmanager.com
4	dev.visualwebsiteoptimizer.com	auth.westerncentralnyaaa.com dev.visualwebsiteoptimizer.com
3	px.owneriq.net	2 redirects
3	idsync.rlcdn.com	2 redirects aaanortheast.demdex.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	cdn.jsdelivr.net	auth.westerncentralnyaaa.com ajax.cloudflare.com
2	match.prod.bidr.io	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	api.hubspot.com	js.usemessages.com
2	ads.scorecardresearch.com	2 redirects
2	ps.eyeota.net	2 redirects
2	match.adsrvr.org	2 redirects
2	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
2	pm.w55c.net	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	mcdmetrics.aaa.com	assets.adobedtm.com
2	info.westerncentralny.aaa.com	2 redirects
1	sync.srv.stackadapt.com	1 redirects
1	g2.gumgum.com	1 redirects
1	image2.pubmatic.com
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	pixel.rubiconproject.com
1	cm.g.doubleclick.net
1	ochatbot.ometrics.com	auth.westerncentralnyaaa.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	usersync.videoamp.com
1	cms.analytics.yahoo.com	1 redirects
1	api.bounceexchange.com	assets.bounceexchange.com
1	vars.hotjar.com	static.hotjar.com
1	js.hs-scripts.com	www.googletagmanager.com
1	idpix.media6degrees.com
1	auth.westerncentralny.aaa.com	1 redirects
1	d.turn.com	1 redirects
1	sync.mathtag.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	mcdmetrics2.aaa.com	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	aaanortheast.demdex.net	assets.adobedtm.com
1	audiology-149-adswizz.attribution.adswizz.com
1	ds.reson8.com
1	tag.wknd.ai	auth.westerncentralnyaaa.com
1	static.hotjar.com	auth.westerncentralnyaaa.com
1	static.cloudflareinsights.com	auth.westerncentralnyaaa.com
1	ajax.cloudflare.com	auth.westerncentralnyaaa.com
1	fonts.googleapis.com	auth.westerncentralnyaaa.com
1	aaa-cf.coinflip.network	1 redirects
1	u3815863.ct.sendgrid.net	1 redirects
247	70

This site contains links to these domains. Also see Links.

Domain
westerncentralny.aaa.com
www.aaa.com
info.westerncentralny.aaa.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.aaa.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-30` - `2022-04-12`	a year	crt.sh
*.westerncentralny.aaa.com Sectigo RSA Organization Validation Secure Server CA	`2020-10-20` - `2021-11-20`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
tag.wknd.ai R3	`2021-05-27` - `2021-08-25`	3 months	crt.sh
attribution.adswizz.com Amazon	`2020-12-10` - `2022-01-08`	a year	crt.sh
mcdmetrics.aaa.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-22` - `2022-03-30`	a year	crt.sh
mcdmetrics2.aaa.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-09` - `2022-04-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-09` - `2022-05-10`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2021-06-30` - `2021-09-28`	3 months	crt.sh
*.wunderkind.co R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.videoamp.com Amazon	`2020-11-03` - `2021-12-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://auth.westerncentralnyaaa.com/membership/member-login
Frame ID: CB18ACD59F9394F810E8E2D384112575
Requests: 200 HTTP requests in this frame

Frame: https://aaanortheast.demdex.net/dest5.html?d_nsid=0
Frame ID: E64F6AA45BA9BB0E9C478E951B16A037
Requests: 25 HTTP requests in this frame

Frame: https://westerncentralny.aaa.com/remote/footer.html
Frame ID: 81FFE9ECD9B17E7D2E064B55F5198F79
Requests: 20 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 7E78C79A513109AFF3A3A48E0663D42A
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 7CC1B34F604A35067DA20D6CFEE0A86E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u3815863.ct.sendgrid.net/ls/click?upn=TMRXcSRAvI1Wy-2BxGqok1piv7ooOfzqz7Kc5-2BbpRkLJO3kz1JfBmWjJmIvGE... HTTP 302
https://aaa-cf.coinflip.network/linked-cards HTTP 303
https://info.westerncentralny.aaa.com/redirect/redirect_coinflip.jsp HTTP 302
https://info.westerncentralny.aaa.com/api-login/login.jsp HTTP 302
https://auth.westerncentralnyaaa.com/membership/login?isByPassContactConfirm=Y HTTP 302
https://auth.westerncentralnyaaa.com/membership/member-login Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

247
Requests

100 %
HTTPS

41 %
IPv6

56
Domains

70
Subdomains

55
IPs

7
Countries

1969 kB
Transfer

7322 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://westerncentralny.aaa.com/?__hstc=13469672.c0044959d87b515b916d82296e6bb843.1626275188459.1626275188459.1626275188459.1&__hssc=13469672.1.1626275188460&__hsfp=2736934676
Title:

Search URL Search Domain Scan URL

URL: https://www.aaa.com/stop?__hstc=13469672.c0044959d87b515b916d82296e6bb843.1626275188459.1626275188459.1626275188459.1&__hssc=13469672.1.1626275188460&__hsfp=2736934676
Title: visit another Club.

Search URL Search Domain Scan URL

URL: https://info.westerncentralny.aaa.com/help/what-my-donor-number?__hstc=13469672.c0044959d87b515b916d82296e6bb843.1626275188459.1626275188459.1626275188459.1&__hssc=13469672.1.1626275188460&__hsfp=2736934676
Title: Donor ID

Search URL Search Domain Scan URL

URL: https://info.westerncentralny.aaa.com/help/login?__hstc=13469672.c0044959d87b515b916d82296e6bb843.1626275188459.1626275188459.1626275188459.1&__hssc=13469672.1.1626275188460&__hsfp=2736934676
Title: Having Trouble signing in?

Search URL Search Domain Scan URL

URL: https://westerncentralny.aaa.com/membership/join/index.html?__hstc=13469672.c0044959d87b515b916d82296e6bb843.1626275188459.1626275188459.1626275188459.1&__hssc=13469672.1.1626275188460&__hsfp=2736934676
Title: JOIN AAA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u3815863.ct.sendgrid.net/ls/click?upn=TMRXcSRAvI1Wy-2BxGqok1piv7ooOfzqz7Kc5-2BbpRkLJO3kz1JfBmWjJmIvGEU73n4xARlUFWgVaybQCfgXD-2BW2Q-3D-3DEPMf_lXAB4wwHfP1k0cSBOHxgSv6iTTp8mut20LTH-2Fw2PeMVkl-2B7GLiWxIUUNEnqRVeCawNvo3WIgOCxTZCvvKw1adc-2FUa5Z1POX4b8khoB8DavtMLFQyfR3QHnT4RB4ooExXhTXGKdZvUVY31-2B3dWovx518l2BzWB3ynlKWuhyVddaxyoW6ogOhvsr5t-2BukXk-2Bfwa6gO-2FlEw4xQ1DAGKVf-2B-2B5g-3D-3D HTTP 302
https://aaa-cf.coinflip.network/linked-cards HTTP 303
https://info.westerncentralny.aaa.com/redirect/redirect_coinflip.jsp HTTP 302
https://info.westerncentralny.aaa.com/api-login/login.jsp HTTP 302
https://auth.westerncentralnyaaa.com/membership/login?isByPassContactConfirm=Y HTTP 302
https://auth.westerncentralnyaaa.com/membership/member-login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://cm.everesttech.net/cm/dd?d_uuid=86231085222053979733060319419620284320 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YO79cgAAAFaphA_u

Request Chain 110

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/747105695/?random=992719126&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&auid=732902569.1626275187&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cv3uYOaGOIr3-gbb07zoBA&sscte=1&crd=&eitems=ChEI8Ja6hwYQy5GL4YS0p_zpARIdAOYcvXkRawL50HJtBEm5rpWzWrjorHwn-CQ-m8s HTTP 302
https://www.google.com/pagead/1p-conversion/747105695/?random=992719126&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&auid=732902569.1626275187&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=cv3uYOaGOIr3-gbb07zoBA&cid=CAQSKQCNIrLMJ7SeJPxt0I7AzbpHgq71cdxI2r_vBdYiCZcYiUVAAgBeGhWz&eitems=ChEI8Ja6hwYQy5GL4YS0p_zpARIdAOYcvXmb9V6tbCZ0hLurUNf_6NRZgrOouVy1ZlY&random=2649211743&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/747105695/?random=992719126&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&auid=732902569.1626275187&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=cv3uYOaGOIr3-gbb07zoBA&cid=CAQSKQCNIrLMJ7SeJPxt0I7AzbpHgq71cdxI2r_vBdYiCZcYiUVAAgBeGhWz&eitems=ChEI8Ja6hwYQy5GL4YS0p_zpARIdAOYcvXmb9V6tbCZ0hLurUNf_6NRZgrOouVy1ZlY&random=2649211743&resp=GooglemKTybQhCsO&ipr=y

Request Chain 129

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=86231085222053979733060319419620284320&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d86231085222053979733060319419620284320 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=ef5160ee-fd73-4500-866a-bebaee9e2be7&ddsuuid=86231085222053979733060319419620284320

Request Chain 175

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=iZFsWP2t1M3GsX5

Request Chain 179

https://idsync.rlcdn.com/365868.gif?partner_uid=86231085222053979733060319419620284320 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODYyMzEwODUyMjIwNTM5Nzk3MzMwNjAzMTk0MTk2MjAyODQzMjAQABoNCPP6u4cGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=1ea309485c02934841ed23722f8b8d23333179eb24651f37fc6aafad0b0fa47fb0da87c991749652

Request Chain 180

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2670741592686903522

Request Chain 188

https://auth.westerncentralny.aaa.com/membership/nl_status?callback=jQuery1113023443212499124555_1626275187440&_=1626275187441 HTTP 301
https://auth.westerncentralnyaaa.com/membership/nl_status?callback=jQuery1113023443212499124555_1626275187440&_=1626275187441

Request Chain 202

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e1945520-5142-4975-9f50-c36edbc7aff0

Request Chain 206

https://ps.eyeota.net/match?bid=6j5b2cv&uid=86231085222053979733060319419620284320&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=86231085222053979733060319419620284320&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2tWcbzzFue4ZvcjPNblW06rYSXIV9PNyVTdVFW-lPC-s

Request Chain 214

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=86231085222053979733060319419620284320&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-wGFYF8dE2pEKZEXZeFyBLCymf19rLnz37tg-~A

Request Chain 215

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ6795615882063830707&uid=Q6795615882063830707&ref=%2Feucm%2Fp%2Fadpq HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 222

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=86231085222053979733060319419620284320&rn=1626275186688&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D86231085222053979733060319419620284320 HTTP 302
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=86231085222053979733060319419620284320&rn=1626275186688&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D86231085222053979733060319419620284320 HTTP 302
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=86231085222053979733060319419620284320

Request Chain 225

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=86231085222053979733060319419620284320?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=86231085222053979733060319419620284320?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=78b13b67d4bca69c2faf4d4adfbf4319

Request Chain 230

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU83OWNnQUFBRmFwaEFfdQ==

Request Chain 231

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YO79cgAAAFaphA_u&expires=90

Request Chain 232

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YO79cgAAAFaphA_u HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YO79cgAAAFaphA_u&C=1

Request Chain 236

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YO79cgAAAFaphA_u HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYO79cgAAAFaphA_u

Request Chain 238

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YO79cgAAAFaphA_u HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YO79cgAAAFaphA_u

Request Chain 240

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YO79cgAAAFaphA_u

Request Chain 241

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YO79cgAAAFaphA_u&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YO79cgAAAFaphA_u&img=1&__user_check__=1&sync_id=1125dea1-e4b5-11eb-85bf-1644f9a80406

Request Chain 243

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YO79cgAAAFaphA_u&t=2592000&o=0

Request Chain 244

https://g2.gumgum.com/adobe/s2s HTTP 302
https://dpm.demdex.net/ibs:dpid=143525&dpuuid=e_4869f039-f3b1-4b9c-ad7d-90c67e772dc4

Request Chain 245

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AACspE7B3fsAADYn8WVIqA

Request Chain 246

https://sync.srv.stackadapt.com/sync?nid=adobe HTTP 302
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=1GQMsBvKT3990bm_ruZl3rkJElY

247 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request member-login Show response
auth.westerncentralnyaaa.com/membership/
Redirect Chain

https://u3815863.ct.sendgrid.net/ls/click?upn=TMRXcSRAvI1Wy-2BxGqok1piv7ooOfzqz7Kc5-2BbpRkLJO3kz1JfBmWjJmIvGEU73n4xARlUFWgVaybQCfgXD-2BW2Q-3D-3DEPMf_lXAB4wwHfP1k0cSBOHxgSv6iTTp8mut20LTH-2Fw2PeMVkl-...
https://aaa-cf.coinflip.network/linked-cards
https://info.westerncentralny.aaa.com/redirect/redirect_coinflip.jsp
https://info.westerncentralny.aaa.com/api-login/login.jsp
https://auth.westerncentralnyaaa.com/membership/login?isByPassContactConfirm=Y
https://auth.westerncentralnyaaa.com/membership/member-login

27 KB
6 KB

242ms
241ms

Document
text/html

2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644e6b02ca70d76d9eca4762692280329c9b03cd28a379c526cba9d870cf4a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: auth.westerncentralnyaaa.com
:scheme: https
:path: /membership/member-login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
cache-control: must-revalidate, no-cache, private
x-drupal-dynamic-cache: UNCACHEABLE
x-ua-compatible: IE=edge
content-language: en
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
x-generator: Drupal 9 (https://www.drupal.org)
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 66eba7a4986d4ab5-FRA
content-encoding: br

Redirect headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
cache-control: must-revalidate, no-cache, private
location: /membership/member-login
x-ua-compatible: IE=edge
content-language: en
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
x-generator: Drupal 9 (https://www.drupal.org)
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
set-cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8; expires=Thu, 15-Jul-2021 15:06:25 GMT; Max-Age=86400; path=/; domain=.auth.westerncentralnyaaa.com; secure; HttpOnly;Secure
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 66eba7a37dda4ab5-FRA

GET
H2 200 webform.element.flexbox.css
auth.westerncentralnyaaa.com/modules/contrib/webform/css/ 3 KB
569 B 150ms
139ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/css/webform.element.flexbox.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6877b677fb95548385f7ddaf5b1717bb9b6bd23114fb5fea0150bd57e832946f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/css/webform.element.flexbox.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=3955
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"f73-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c754ab5-FRA
cf-bgj: minify

GET
H2 200 align.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 255 B
175 B 136ms
125ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/align.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2e3a7970d736a77b9c069b04dc19f6ef3051045ef546b7edd1ff8731c2acde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/align.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=484
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"1e4-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c764ab5-FRA
cf-bgj: minify

GET
H2 200 fieldgroup.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 37 B
133 B 137ms
127ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/fieldgroup.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04d90a369ebc11b0d43aa5710cab8a1b7b458eb51540eda5be7ad8db0b3ea33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/fieldgroup.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=95
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
content-length: 37
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: "5f-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66eba7a63c794ab5-FRA
cf-bgj: minify

GET
H2 200 container-inline.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 155 B
162 B 154ms
143ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/container-inline.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccbf78be3654e960477e90e268d70573a1b248585175c7e270ad616318d63f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/container-inline.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=275
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"113-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c7a4ab5-FRA
cf-bgj: minify

GET
H2 200 clearfix.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 52 B
138 B 153ms
142ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/clearfix.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

754a12dd8ae22818cfa8abe328bc0b605bb92fff540270b062cab041233c2f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/clearfix.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=306
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"132-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c7d4ab5-FRA
cf-bgj: minify

GET
H2 200 details.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 54 B
145 B 373ms
363ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/details.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c81aa3671a3c8d52a54a2ba91802d0984011a5907fdc00461e0caca8b5ba975

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/details.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=127
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"7f-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c7e4ab5-FRA
cf-bgj: minify

GET
H2 200 hidden.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 319 B
220 B 143ms
133ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/hidden.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e5db09dad1ee1a5a776c1f0b67fd42315f848265c3a856068e56ad73e48ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/hidden.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=1359
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"54f-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c804ab5-FRA
cf-bgj: minify

GET
H2 200 item-list.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 205 B
178 B 137ms
127ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/item-list.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054123763da10810cbbd026a3f11e365b246d89b9701d07a8776afc87a4675cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/item-list.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=285
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"11d-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c824ab5-FRA
cf-bgj: minify

GET
H2 200 js.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 75 B
133 B 135ms
125ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/js.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0435814fc17e1232f7a1ce3d1ada57a41fd4d7fce5287826c83de1db26b475e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/js.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=402
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"192-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c864ab5-FRA
cf-bgj: minify

GET
H2 200 nowrap.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 27 B
163 B 138ms
129ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/nowrap.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d941e59e932f8cc684b36597b53a3e981ffc68dab4984afff223d985cd507c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/nowrap.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=96
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
content-length: 27
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: "60-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66eba7a63c874ab5-FRA
cf-bgj: minify

GET
H2 200 position-container.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 38 B
134 B 160ms
151ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/position-container.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a189f9e003a4486a75939a97b000cc9f9a00e04a25bb8d423a9c1e3bfd385b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/position-container.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=95
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
content-length: 38
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: "5f-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66eba7a63c884ab5-FRA
cf-bgj: minify

GET
H2 200 progress.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 603 B
414 B 140ms
131ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/progress.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eebb7e004629d956e810f39eca97c536eeddc2ee2d601d4a47a388ccfe61f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/progress.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=825
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"339-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c8a4ab5-FRA
cf-bgj: minify

GET
H2 200 reset-appearance.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 142 B
173 B 138ms
129ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/reset-appearance.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b09b38c6e38cdc7981e573f3237ec1ea1347e1f47d5de72cac87e71e60303cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/reset-appearance.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=274
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"112-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c8b4ab5-FRA
cf-bgj: minify

GET
H2 200 resize.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 180 B
238 B 138ms
130ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/resize.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43180fc933cf2814989830ef9cd4fe733f9375d2d293833a971374487d31c830

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/resize.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=270
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"10e-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c8c4ab5-FRA
cf-bgj: minify

GET
H2 200 sticky-header.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 73 B
219 B 133ms
124ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/sticky-header.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebdc917da1f7852a04dcbd60694fc8c2ea50a7a25a94bb9858383ccdcd750eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/sticky-header.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=163
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"a3-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c8e4ab5-FRA
cf-bgj: minify

GET
H2 200 system-status-counter.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 615 B
270 B 134ms
126ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/system-status-counter.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ab552b917932778a3cb202e5c874a661aac2f6b050201e3b5fe033095d70ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/system-status-counter.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=761
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"2f9-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c8f4ab5-FRA
cf-bgj: minify

GET
H2 200 system-status-report-counters.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 397 B
342 B 140ms
132ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/system-status-report-counters.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142dd3a16aabdf975e6c3d327cd0892021d703f614e94db06cc8bc15a3ed527a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/system-status-report-counters.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=557
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"22d-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c964ab5-FRA
cf-bgj: minify

GET
H2 200 system-status-report-general-info.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 158 B
169 B 136ms
128ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/system-status-report-general-info.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478343a40a73e7afedde1d34a0531f3d525967e39e2eabb405db4bf6f812c679

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/system-status-report-general-info.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=255
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"ff-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c994ab5-FRA
cf-bgj: minify

GET
H2 200 tablesort.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 245 B
203 B 140ms
133ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/tablesort.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23fcb237f98618bdf3058ece5f7dac84eb885a22cecdf1485cc6f5e8c6818453

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/tablesort.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=365
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"16d-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63c9a4ab5-FRA
cf-bgj: minify

GET
H2 200 tree-child.module.css
auth.westerncentralnyaaa.com/core/modules/system/css/components/ 349 B
199 B 161ms
154ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/modules/system/css/components/tree-child.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff920a0b9304131aab47c3fd9c8d2d219ec0594e4ba8d6d01c4f39f3b63534df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/modules/system/css/components/tree-child.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=466
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"1d2-5c36856e59097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63ca04ab5-FRA
cf-bgj: minify

GET
H2 200 membership.module.css
auth.westerncentralnyaaa.com/modules/custom/membership/css/ 3 KB
941 B 133ms
126ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/custom/membership/css/membership.module.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28d088ae34a47e734b65783d0b89767efffa7d2ba6bc5e8cbd0e14b8fa75ba79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/custom/membership/css/membership.module.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=3952
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 05 Mar 2021 16:37:09 GMT
server: cloudflare
etag: W/"f70-5bcccb2084a81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63ca14ab5-FRA
cf-bgj: minify

GET
H2 200 webform.form.css
auth.westerncentralnyaaa.com/modules/contrib/webform/css/ 2 KB
584 B 136ms
129ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/css/webform.form.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

996cc8a458f5bfeca3042118515aa02557b39cbd1c2b1f7beab65fbd8924d9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/css/webform.form.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=3186
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"c72-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63ca44ab5-FRA
cf-bgj: minify

GET
H2 200 webform.element.details.toggle.css
auth.westerncentralnyaaa.com/modules/contrib/webform/css/ 668 B
283 B 140ms
133ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/css/webform.element.details.toggle.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79f07d000fa5adff824bdc7e80bdfdc113c74f061715720068b3ff9fa548e3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/css/webform.element.details.toggle.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=983
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"3d7-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63ca54ab5-FRA
cf-bgj: minify

GET
H2 200 webform.element.message.css
auth.westerncentralnyaaa.com/modules/contrib/webform/css/ 1 KB
422 B 146ms
139ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/css/webform.element.message.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

395440348e428557910b927a74501fc2b50eddaabbac0fddbeed8ddf0ae53c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/css/webform.element.message.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=1519
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"5ef-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63ca74ab5-FRA
cf-bgj: minify

GET
H2 200 membership-single-flow.css
auth.westerncentralnyaaa.com/modules/custom/membership/css/ 5 KB
1 KB 134ms
126ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/custom/membership/css/membership-single-flow.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb6bd8f256c038352638143e1c41c398448c4e111047c8145443583562d59e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/custom/membership/css/membership-single-flow.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=5802
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Thu, 25 Mar 2021 21:47:24 GMT
server: cloudflare
etag: W/"16aa-5be635c661921"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63ca94ab5-FRA
cf-bgj: minify

GET
H2 200 webform_bootstrap.css
auth.westerncentralnyaaa.com/modules/contrib/webform/modules/webform_bootstrap/css/ 839 B
409 B 139ms
132ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/modules/webform_bootstrap/css/webform_bootstrap.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad1057ef82b8b14b52034598a876cc97e830ed29386a0997b4daf64f1644608

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/modules/webform_bootstrap/css/webform_bootstrap.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=1475
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"5c3-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63caa4ab5-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/ 143 KB
21 KB 25ms
6ms Stylesheet
text/css 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.css

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://auth.westerncentralnyaaa.com
Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2986545
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 21251
etag: W/"23a0d-+GduH0qQKmMIj0WYLz+bamxAG0c"
x-served-by: cache-fra19157-FRA, cache-hhn4053-HHN
date: Wed, 14 Jul 2021 15:06:25 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 drupal-bootstrap.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/ 14 KB
4 KB 24ms
6ms Stylesheet
text/css 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/drupal-bootstrap.css

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d4e006425282efc92a03f2bf292b71885fcad8f387fcfaa6c2224db17266b4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://auth.westerncentralnyaaa.com
Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2985837
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 3801
etag: W/"36f9-z981a03J7uHngtMwrs4UwcaV6aU"
x-served-by: cache-fra19128-FRA, cache-hhn4053-HHN
date: Wed, 14 Jul 2021 15:06:25 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/ 261 KB
32 KB 143ms
136ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/style.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312edc66bc1be0686911d085feb640834751783b70beaaf54c413cfe7ea23aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/wcnyaaa_bootstrap/css/style.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=315863
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Thu, 22 Apr 2021 00:00:28 GMT
server: cloudflare
etag: W/"4d1d7-5c0845df5c144"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63cab4ab5-FRA
cf-bgj: minify

GET
H2 200 test.css
auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/ 15 KB
3 KB 134ms
127ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/test.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

055d6fad5a2c615b7cc44ac132c76f33e073841257e40beeb0fb6a673d4b949d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/wcnyaaa_bootstrap/css/test.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=18814
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Thu, 22 Apr 2021 00:00:28 GMT
server: cloudflare
etag: W/"497e-5c0845df5c144"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63cad4ab5-FRA
cf-bgj: minify

GET
H2 200 account.css
auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/ 148 KB
18 KB 136ms
129ms Stylesheet
text/css 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/account.css?qv84ai

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e426dcf89fffb9da3a7e8dad86c2b14cb4d128f989c80346d6dbaad4e9bc0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/wcnyaaa_bootstrap/css/account.css?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=172922
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Thu, 03 Jun 2021 17:04:37 GMT
server: cloudflare
etag: W/"2a37a-5c3df91f17e52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 66eba7a63caf4ab5-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 12 KB
960 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa833c3a6b977f19524dd3dac651477b4a2f6b6c49c48244e588e1ac45b07d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 13:16:13 GMT
server: ESF
date: Wed, 14 Jul 2021 15:06:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Jul 2021 15:06:25 GMT

GET
H2 200 logo.svg
auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/ 8 KB
3 KB 106ms
105ms Image
image/svg+xml 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/logo.svg

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d62a600971cea6b45416ec41f603119b3a75f226caacdb3a08249f25764c596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/wcnyaaa_bootstrap/logo.svg
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 22 Apr 2021 00:00:28 GMT
server: cloudflare
etag: W/"1fce-5c0845df55f9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
content-type: image/svg+xml
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 66eba7a6bddb4ab5-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 34ms
11ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b47271bf70000178eb88a4000000001
last-modified: Wed, 07 Jul 2021 15:32:55 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60e5c927-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3AsHVeu04xJ1LY1%2FSEGJKmkBRvV%2Bud6YLfuS1py66lqzWKc%2FmFPjHcC54pfLogHTb5ZvpjcNkBPDu5WIcLB1lgQI5wV%2B2PiQ3QZQ8eyCB3NlPchdZydVAl1e7OWZmssDG3MMeWshWUOVss9S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 66eba7a65c81178e-FRA
expires: Fri, 16 Jul 2021 15:06:25 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 39ms
14ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 66eba7a65924dfd7-FRA

GET
DATA 200
OK truncated
/ 513 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tqs.js Show response
auth.westerncentralnyaaa.com/modules/custom/member_login/ 827 B
500 B 122ms
120ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/custom/member_login/tqs.js?v=1.x

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91c778b39c01d0a1d83628470993953521809c9bbab5ceb462df4898e48a88b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/custom/member_login/tqs.js?v=1.x
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=986
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Thu, 06 Feb 2020 19:34:05 GMT
server: cloudflare
etag: W/"3da-59ded5b1d2540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6bde44ab5-FRA
cf-bgj: minify

GET
H/1.1 200
OK dm_gtm.js Show response
www.aaa.com/aaa/common/javascripts/ 1 KB
1 KB 684ms
138ms Script
application/x-javascript 209.82.215.211
NET-AAA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aaa.com/aaa/common/javascripts/dm_gtm.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 209.82.215.211 , United States, ASN12090 (NET-AAA, US),
Reverse DNS
Software: WebServer /
Resource Hash: 059d3c257d61801506bdc30c1cfcc61fbdf4c5c94a4163bc0c62ee153253b609

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jan 2019 21:13:43 GMT
Server: WebServer
ETag: "801d61decda6d41:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Cache-Control: max-age=86400
UniqueName: HEATHWWW4
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 697

GET
H/1.1 200
OK AAA_ActionTags.js Show response
www.aaa.com/configuration/SEM/ 55 KB
14 KB 804ms
257ms Script
application/x-javascript 209.82.215.211
NET-AAA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aaa.com/configuration/SEM/AAA_ActionTags.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 209.82.215.211 , United States, ASN12090 (NET-AAA, US),
Reverse DNS
Software: WebServer /
Resource Hash: 7fde221486c3e05f825980fec689e0671182230722188921d256b58a7383d9cb

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jul 2019 18:06:54 GMT
Server: WebServer
ETag: "0b3e3168136d51:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI PUR COM NAV INT DEM STA PRE"
UniqueName: HEATHWWW4
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 13588

GET
H2 200 webform.element.message.js Show response
auth.westerncentralnyaaa.com/modules/contrib/webform/js/ 2 KB
644 B 122ms
116ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/js/webform.element.message.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

946a1a2041e060fdffc021132a81d13fedd5fe3dfff660b98e440dd4f1d918c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/js/webform.element.message.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=3263
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"cbf-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce104ab5-FRA
cf-bgj: minify

GET
H2 200 webform.element.details.toggle.js Show response
auth.westerncentralnyaaa.com/modules/contrib/webform/js/ 2 KB
754 B 140ms
134ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/js/webform.element.details.toggle.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8e781fa41bd606412fc26ad5bb6caed0e883123b2cc11271a09b9c2bb40369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/js/webform.element.details.toggle.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=4017
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"fb1-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce134ab5-FRA
cf-bgj: minify

GET
H2 200 announce.js Show response
auth.westerncentralnyaaa.com/core/misc/ 1023 B
488 B 123ms
116ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/misc/announce.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295fa0a238f7b743386046e989b25686151742cd7b8365d74e9a249765e6c845

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/misc/announce.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=1470
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"5be-5c36856e0ae98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce144ab5-FRA
cf-bgj: minify

GET
H2 200 webform.element.details.save.js Show response
auth.westerncentralnyaaa.com/modules/contrib/webform/js/ 2 KB
650 B 122ms
114ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/js/webform.element.details.save.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcec8a0dc2c56f1e8f7ca1c15f5fdfaffd5f51ccf3056c6d934df6b912549e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/js/webform.element.details.save.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=3331
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"d03-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce154ab5-FRA
cf-bgj: minify

GET
H2 200 webform.form.js Show response
auth.westerncentralnyaaa.com/modules/contrib/webform/js/ 1 KB
716 B 119ms
112ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/js/webform.form.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2918bc961d63e4aca75eb8f6bb9edae1786c5f5eef52154c876ba91c6ffd4179

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/js/webform.form.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=3417
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"d59-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce1b4ab5-FRA
cf-bgj: minify

GET
H2 200 form.js Show response
auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/misc/ 644 B
419 B 377ms
370ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/misc/form.js?qv84ai

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32aa3d334a689cb31945a78fd8ed8324e90fa70ab56b1ef8896927ce61ecae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/contrib/bootstrap/js/misc/form.js?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=987
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Tue, 04 Aug 2020 14:36:01 GMT
server: cloudflare
etag: W/"3db-5ac0e2c947640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce1e4ab5-FRA
cf-bgj: minify

GET
H2 200 form.js Show response
auth.westerncentralnyaaa.com/core/misc/ 4 KB
1 KB 117ms
110ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/misc/form.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc43f58507b9862045941b7a74c729ef8c86aaa8c05ef29c68c0e05f1dac47f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/misc/form.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=4969
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"1369-5c36856e0b668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce204ab5-FRA
cf-bgj: minify

GET
H2 200 debounce.js Show response
auth.westerncentralnyaaa.com/core/misc/ 448 B
308 B 139ms
132ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/misc/debounce.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0167a32bd91afc770a265348e44bf5964ed92cbacb0c0757ef7a41929e2246c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/misc/debounce.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=752
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"2f0-5c36856e0ae98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce234ab5-FRA
cf-bgj: minify

GET
H2 200 tooltip.js Show response
auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/ 1006 B
491 B 138ms
131ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/tooltip.js?qv84ai

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab0cb68a54ce8eaa6ef7cc65f138f81c0e45baa50eb974f69037c0d88b73f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/contrib/bootstrap/js/tooltip.js?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=1684
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Tue, 04 Aug 2020 14:35:43 GMT
server: cloudflare
etag: W/"694-5ac0e2b81cdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce244ab5-FRA
cf-bgj: minify

GET
H2 200 popover.js Show response
auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/ 3 KB
1 KB 125ms
118ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/popover.js?qv84ai

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f789480b9b23aea49489e81555a2b8d702abdb3faff634d4a42476a6f19c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/contrib/bootstrap/js/popover.js?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=5659
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Tue, 04 Aug 2020 14:35:46 GMT
server: cloudflare
etag: W/"161b-5ac0e2baf9480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce274ab5-FRA
cf-bgj: minify

GET
H2 200 webform_bootstrap.states.js Show response
auth.westerncentralnyaaa.com/modules/contrib/webform/modules/webform_bootstrap/js/ 401 B
279 B 138ms
132ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/modules/webform_bootstrap/js/webform_bootstrap.states.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

157b16c355bd2f9eaf81d41a1b38426f153434c4a1f7046d92c7fa6f38aff74e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/modules/webform_bootstrap/js/webform_bootstrap.states.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=713
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"2c9-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce2a4ab5-FRA
cf-bgj: minify

GET
H2 200 webform.states.js Show response
auth.westerncentralnyaaa.com/modules/contrib/webform/js/ 10 KB
2 KB 118ms
111ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/js/webform.states.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48aca5a50025c3e198b6c2ecc6e1fafbb08f3f4971a6ccbc3d6a25ae13c2f18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/js/webform.states.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=20499
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"5013-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce2c4ab5-FRA
cf-bgj: minify

GET
H2 200 states.js Show response
auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/misc/ 290 B
262 B 136ms
129ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/misc/states.js?qv84ai

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c29e77b9ad9772c60d3c55754b03680bf36e13c68caf8d44b08bd2997d04dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/contrib/bootstrap/js/misc/states.js?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=1046
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Tue, 04 Aug 2020 14:35:59 GMT
server: cloudflare
etag: W/"416-5ac0e2c75f1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce2e4ab5-FRA
cf-bgj: minify

GET
H2 200 states.js Show response
auth.westerncentralnyaaa.com/core/misc/ 7 KB
2 KB 146ms
140ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/misc/states.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6310375708b66296203198f595fae0b8628784c3d8dc78e6b0dde5737a46c464

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/misc/states.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=10392
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"2898-5c36856e0c608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce554ab5-FRA
cf-bgj: minify

GET
H2 200 webform.behaviors.js Show response
auth.westerncentralnyaaa.com/modules/contrib/webform/js/ 664 B
372 B 137ms
130ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/contrib/webform/js/webform.behaviors.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1932cd63f037a72ae02e07eb4f7c285fcc6aad3e9c70176158f9a0ef279d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/webform/js/webform.behaviors.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=1412
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 21:24:05 GMT
server: cloudflare
etag: W/"584-5c19bd0756740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce564ab5-FRA
cf-bgj: minify

GET
H2 200 theme.js Show response
auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/ 2 KB
622 B 136ms
130ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/theme.js?qv84ai

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c357e5296fcb72cebe77e61bb4955af53e881e4dfecd83ae961ebe7caeaac03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/contrib/bootstrap/js/theme.js?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=5248
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Tue, 04 Aug 2020 14:35:43 GMT
server: cloudflare
etag: W/"1480-5ac0e2b81cdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce574ab5-FRA
cf-bgj: minify

GET
H2 200 attributes.js Show response
auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/ 4 KB
1 KB 138ms
132ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/attributes.js?qv84ai

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

674ffee773da54d5c276d9a2ca9f2151a6e9065b57f7ed4e27fc94517c87340f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/contrib/bootstrap/js/attributes.js?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=10066
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Tue, 04 Aug 2020 14:35:44 GMT
server: cloudflare
etag: W/"2752-5ac0e2b911000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce584ab5-FRA
cf-bgj: minify

GET
H2 200 drupal.bootstrap.js Show response
auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/ 8 KB
2 KB 139ms
133ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/themes/contrib/bootstrap/js/drupal.bootstrap.js?qv84ai

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee7107ff1b4f4da253dbecec7e593f6e39872239b4c6414463be5b56121b47e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/contrib/bootstrap/js/drupal.bootstrap.js?qv84ai
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=18660
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Tue, 04 Aug 2020 14:35:45 GMT
server: cloudflare
etag: W/"48e4-5ac0e2ba05240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce5a4ab5-FRA
cf-bgj: minify

GET
H2 200 underscore-min.js Show response
auth.westerncentralnyaaa.com/core/assets/vendor/underscore/ 19 KB
7 KB 151ms
146ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/assets/vendor/underscore/underscore-min.js?v=1.13.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

218fb1c1fc72e9af6b866f430be2a67fa376392b4db2f4dbf32772671b6ae55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/assets/vendor/underscore/underscore-min.js?v=1.13.1
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"4c4a-5c36856deca38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
content-type: application/javascript
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 66eba7a6ce5b4ab5-FRA

GET
H2 200 footer.js Show response
westerncentralny.aaa.com/etc/clientlibs/aaa-wcny-web/remote/ 394 B
679 B 372ms
104ms Script
text/javascript 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-wcny-web/remote/footer.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 455efcbcce5b2447435daaaae083cf3534472b71cba4d451c733599c1783bcff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 19:25:28 GMT
x-cdn: Imperva
etag: "7ac6a45e"
content-type: text/javascript
x-iinfo: 9-11629435-11627939 2CNN RT(1626275185754 0) q(0 0 0 0) r(0 0)
cache-control: max-age=3018, public
content-length: 256
expires: Wed, 14 Jul 2021 15:56:43 GMT

GET
H2 200 widget-ometrics.js Show response
www.ometrics.com/widget/ 1 KB
1 KB 68ms
28ms Script
application/x-javascript 2606:4700:20::681a:5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ometrics.com/widget/widget-ometrics.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd86d6b91dd38dc91f1753bedae33c613ed0c2632395ea1e90494a8313fe16b2

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 738
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 09 Apr 2021 19:30:10 GMT
server: cloudflare
etag: W/"4ea-5bf8f313f14bc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egDXoznAMOeJ6vsQIcd0IFFnKRhTvS3SwYpQuSwFOz%2B55eOsiKT8XF8IG4I3vI4CFGdHk4PcSR0fQ1Ol39m3TQmpXYdC44A2GWetDu488vf7WVeI9LO60irmNPaNAKGbaokMxYrDnXjlh3RzULE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 66eba7a70a1fd6d1-FRA
expires: Wed, 14 Jul 2021 15:24:07 GMT

GET
H2 200 launch-5fcb88890edd.min.js Show response
assets.adobedtm.com/5ddcd7778a26/14e4d0835427/ 262 KB
78 KB 28ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0cb75d8e60e2bf17f76f90dcf6746bd2c94ff7f65676e7c11f7d8b37a830b02b

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: gzip
last-modified: Fri, 21 May 2021 19:49:15 GMT
server: AkamaiNetStorage
etag: "cbbdb013fee3663e3a8a4fb97484e107:1621626555.961167"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 79831
expires: Wed, 14 Jul 2021 16:06:25 GMT

GET
H2 200 ckeditor_config.js Show response
auth.westerncentralnyaaa.com/modules/custom/membership/ 379 B
310 B 146ms
141ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/custom/membership/ckeditor_config.js?v=1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25a3c3b7c7c53758dbff470b6697a43a65a652d0440fb49770d4332e8b5efa34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/custom/membership/ckeditor_config.js?v=1.1
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=666
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Thu, 09 Aug 2018 15:42:22 GMT
server: cloudflare
etag: W/"29a-5730279137380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce5d4ab5-FRA
cf-bgj: minify

GET
H2 200 user_member.js Show response
auth.westerncentralnyaaa.com/modules/custom/membership/ 5 KB
2 KB 137ms
132ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/custom/membership/user_member.js?v=1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1220478d577025f495d7ea5b47ce559fbb6b92a3167c9eb0f15e7195e0a0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/custom/membership/user_member.js?v=1.1
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=8467
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Thu, 05 Apr 2018 19:09:13 GMT
server: cloudflare
etag: W/"2113-5691eacd30840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce5e4ab5-FRA
cf-bgj: minify

GET
H2 200 membership.js Show response
auth.westerncentralnyaaa.com/modules/custom/membership/ 16 KB
3 KB 150ms
146ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/custom/membership/membership.js?v=1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17c6c2e18c5f4bb8c8469d1538aef9b0129835abeb1aa542d70a729545090e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/custom/membership/membership.js?v=1.1
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=23251
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Thu, 25 Mar 2021 20:59:47 GMT
server: cloudflare
etag: W/"5ad3-5be62b21c8b83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce604ab5-FRA
cf-bgj: minify

GET
H2 200 drupal.init.js Show response
auth.westerncentralnyaaa.com/core/misc/ 487 B
309 B 138ms
133ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/misc/drupal.init.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d20cab0cceff028b04f87ca0aa24242fe2197f53d3874c361f9296deb14135a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/misc/drupal.init.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=733
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"2dd-5c36856e0b668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce614ab5-FRA
cf-bgj: minify

GET
H2 200 drupal.js Show response
auth.westerncentralnyaaa.com/core/misc/ 5 KB
2 KB 157ms
153ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/misc/drupal.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32c9d276605795d91796c1f3b3295eb284a4a8dea8ff1c037d71f3497ed687b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/misc/drupal.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=6388
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"18f4-5c36856e0b668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce624ab5-FRA
cf-bgj: minify

GET
H2 200 drupalSettingsLoader.js Show response
auth.westerncentralnyaaa.com/core/misc/ 347 B
347 B 138ms
134ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/misc/drupalSettingsLoader.js?v=9.1.9

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acf6e6c9052449f71763158aa2eb5e0a89dee411fc365ad62c6aacd054b13b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/misc/drupalSettingsLoader.js?v=9.1.9
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=518
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"206-5c36856e0b668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce7a4ab5-FRA
cf-bgj: minify

GET
H2 200 jquery.once.min.js Show response
auth.westerncentralnyaaa.com/core/assets/vendor/jquery-once/ 908 B
471 B 135ms
132ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"38c-5c36856deb6b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
content-type: application/javascript
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 66eba7a6ce7d4ab5-FRA

GET
H2 200 jquery.min.js Show response
auth.westerncentralnyaaa.com/core/assets/vendor/jquery/ 87 KB
30 KB 155ms
152ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /core/assets/vendor/jquery/jquery.min.js?v=3.5.1
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 28 May 2021 18:49:45 GMT
server: cloudflare
etag: W/"15d84-5c36856dec650"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
content-type: application/javascript
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 66eba7a6ce7e4ab5-FRA

GET
H2 200 cardinalPath.js Show response
auth.westerncentralnyaaa.com/modules/custom/join/assets/js/ 7 KB
1 KB 160ms
157ms Script
application/javascript 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/modules/custom/join/assets/js/cardinalPath.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bd669130dc9381c9aa147e13e69f4e76b0df33355c0560ff9a82b384d1c83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /modules/custom/join/assets/js/cardinalPath.js
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=13581
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
vary: Accept-Encoding
last-modified: Mon, 15 Apr 2019 20:24:48 GMT
server: cloudflare
etag: W/"350d-58697719f4400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66eba7a6ce804ab5-FRA
cf-bgj: minify

GET
H2 200 required.svg
auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/images/ 513 B
425 B 109ms
108ms Image
image/svg+xml 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/images/required.svg

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/test.css?qv84ai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /themes/custom/wcnyaaa_bootstrap/images/required.svg
pragma: no-cache
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/test.css?qv84ai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.westerncentralnyaaa.com/themes/custom/wcnyaaa_bootstrap/css/test.css?qv84ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 22 Apr 2021 00:00:28 GMT
server: cloudflare
etag: W/"201-5c0845df56f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
content-type: image/svg+xml
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 66eba7a89aa54ab5-FRA

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 171ms
45ms XHR
application/json 52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F5237FF958248ED40A495E58%40AdobeOrg&d_nsid=0&ts=1626275186541

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b0aeb0a515a39a2e8ea3cea0a7a66c5f6c43e3757b0b6ca53daa97b0886181a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v012-0eecf40e0.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: q+LhyrXeSoI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://auth.westerncentralnyaaa.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1651
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 14 Jul 2021 16:06:26 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 23ms
23ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 14 Jul 2021 16:06:26 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 18ms
18ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Wed, 14 Jul 2021 16:06:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 300 KB
65 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRNSMVG

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29202caec7ef0c6430ba5ef19269c5a48a811f2f0c90bb0a032b8b66618d94b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65959
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:06:26 GMT

GET
H/1.1 200
OK AAA_ForeSeeAPI.js Show response
www.aaa.com/configuration/ 5 KB
2 KB 133ms
132ms Script
application/x-javascript 209.82.215.211
NET-AAA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aaa.com/configuration/AAA_ForeSeeAPI.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 209.82.215.211 , United States, ASN12090 (NET-AAA, US),
Reverse DNS
Software: WebServer /
Resource Hash: 15f1fde7deb1f2cfecb62abe9d99d230384ecbb429e962bd449f4259e64fbec6

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Oct 2019 18:48:40 GMT
Server: WebServer
ETag: "074accf1b90d51:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI PUR COM NAV INT DEM STA PRE"
UniqueName: HEATHWWW4
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 1968

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNSMVG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4540
date: Wed, 14 Jul 2021 13:50:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 14 Jul 2021 15:50:46 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 73ms
30ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNSMVG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
server: cafe
etag: 8394079078796230488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Jul 2021 15:06:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
25 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: e1OnEmgKrcIiZqUBVMhG+cGZILIXWmKNK6upQbWkJGMg/gEwebT6TbmnIy4EPo8ck7CzQJZlaAdeHHBGf3b8Ew==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 49ms
42ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-855808404

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNSMVG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94ad50ed63891fe54b55a578ed21fe2fa41be233d94237e216014479cab52147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36090
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:06:26 GMT

GET
H2 200 hotjar-1263437.js Show response
static.hotjar.com/c/ 8 KB
3 KB 84ms
47ms Script
application/javascript 13.224.96.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1263437.js?sv=6

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-61.zrh50.r.cloudfront.net

Software

Resource Hash

02ebb9b3abe47f1ba2b2629210cd5ee466965cfade16e8598ee619a4ef215059

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/98cc70d323df7835ded70de3afb77759
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: P1pH_MuloQYusch4Mye8hHDQoGSWuEkz0OidhdtTWrMRNI1zFmAvkg==
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 46ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1068577810

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNSMVG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7c3507754139fcf2e7add64bb5949cc51fc3fa8a0ff49c2ee5e380e4fe6c051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36102
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:06:26 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/4582/ 3 KB
2 KB 62ms
13ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/4582/i.js
Requested by: Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 6eea5094565194a23eaabc191fd73bc7afd4a814609c3f634dbe5b1f5c30edb5

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 15:08:05 GMT
content-encoding: gzip
server: fasthttp
age: 86301
etag: 3e24033032eee
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public,max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 1571

GET
H2 204 insights.gif
ds.reson8.com/ 0
169 B 65ms
17ms Image
text/plain 104.18.8.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=[cache_buster]&t=0&pixt=resonate&advkey=0010M00001TAtUSQA1&opptykey=DREM0218A&evkey=200300736&evtype=impression

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 66eba7ad780501f8-ZRH
date: Wed, 14 Jul 2021 15:06:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 fire
audiology-149-adswizz.attribution.adswizz.com/ 68 B
134 B 180ms
51ms Image
image/png 108.128.38.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audiology-149-adswizz.attribution.adswizz.com/fire?pixelId=7bacc454-aad3-4353-8f7a-75e601b9146c&type=sitevisit&subtype=Sitewide&aw_0_req.gdpr=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.38.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-length: 68
content-type: image/png

GET
H/1.1 200
OK dest5.html Show response
aaanortheast.demdex.net/ Frame E64F 7 KB
3 KB 178ms
46ms Document
text/html 52.17.54.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aaanortheast.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.54.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: aaanortheast.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://auth.westerncentralnyaaa.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=86231085222053979733060319419620284320
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://auth.westerncentralnyaaa.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 14 Jul 2021 15:06:26 GMT
DCS: dcs-prod-irl1-1-v012-037df3aea.edge-irl1.demdex.com 6.3.1.20210623115127
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 2 Jul 2021 08:33:35 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 5MfIZ7rqQPg=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
mcdmetrics.aaa.com/ 48 B
514 B 90ms
22ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdmetrics.aaa.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=F5237FF958248ED40A495E58%40AdobeOrg&mid=85823009917147503553083112552975301606&ts=1626275186766

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

8a8b43371dcf53d65697bfa01ab4a6b5e14a82b766588668586da9170e0564cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-58944c9887-mr5pr
vary: Origin
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YO79cgAAAFaphA_u
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=86231085222053979733060319419620284320
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YO79cgAAAFaphA_u

42 B
958 B

43ms
43ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YO79cgAAAFaphA_u

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0c6811f58.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: muVtjR2dQSg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YO79cgAAAFaphA_u
Date: Wed, 14 Jul 2021 15:06:26 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
mcdmetrics2.aaa.com/m2/aaanortheast/mbox/ 96 B
752 B 154ms
47ms XHR
application/json 34.251.77.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdmetrics2.aaa.com/m2/aaanortheast/mbox/json?mbox=target-global-mbox&mboxSession=2d104d655c0246c0a70afc82a7b161cb&mboxPC=&mboxPage=1e703756378c4bf4bae7e23daac4bba7&mboxRid=981ae3ceee80412e9e70b0a32e5efe57&mboxVersion=1.8.2&mboxCount=1&mboxTime=1626282386597&mboxHost=auth.westerncentralnyaaa.com&mboxURL=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&mboxMCSDID=68936D95AF832542-4E3DF832838B0C95&vst.trk=mcdmetric.aaa.com&vst.trks=mcdmetrics.aaa.com&mboxMCGVID=85823009917147503553083112552975301606&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.77.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-77-56.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1979db0ad5afaf84be589c09814a14eefee03f6a06b7fefd630446a6a18ca06a

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-request-id: 981ae3ceee80412e9e70b0a32e5efe57

GET
H/1.1 200
OK AAA_ActionTags.js Show response
www.aaa.com/configuration/SEM/ 55 KB
14 KB 134ms
134ms Script
application/x-javascript 209.82.215.211
NET-AAA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aaa.com/configuration/SEM/AAA_ActionTags.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 209.82.215.211 , United States, ASN12090 (NET-AAA, US),
Reverse DNS
Software: WebServer /
Resource Hash: 7fde221486c3e05f825980fec689e0671182230722188921d256b58a7383d9cb

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jul 2019 18:06:54 GMT
Server: WebServer
ETag: "0b3e3168136d51:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI PUR COM NAV INT DEM STA PRE"
UniqueName: HEATHWWW4
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 13588

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 14:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 441
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:59:05 GMT

GET
H3-29 200 1952064971507640 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 87ms
86ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1952064971507640?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c05d2fcbecebd73d3b2592071cbda8be98cf1ab2b6b2fe6e3c7bb4155fd93cb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: XEoPliUn4vUj9jgwcjZuG3i5NctDi3CzUjRute673zzRTNM6tcPzVpCDdrjC6S7TmFiNYdyOVR14b9+LM53x0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=159905565&t=pageview&_s=1&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&dr=&dp=%2Fmembership%2Fmember-login&ul=en-us&de=UTF-8&dt=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALAAAAAC~&jid=207746942&gjid=1720420511&cid=243511597.1626275187&tid=UA-108240197-1&_gid=157641408.1626275187&_r=1&gtm=2wg7c0TRNSMVG&cd4=&cd11=0&cd12=0&cd13=0&z=1481564032

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
54 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJ469T8&l=aaa_gtm_dm

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0061724a79597f24c918b29f0209a35ec9757d1ea34b3612115936ad9d919d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55234
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:06:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
97 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-108240197-1&cid=243511597.1626275187&jid=207746942&gjid=1720420511&_gid=157641408.1626275187&_u=aGBAAEAKAAAAAC~&z=1266371139

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Jul 2021 15:06:26 GMT
content-type: text/plain
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/747105695/ 2 KB
1 KB 62ms
30ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/747105695/?random=1626275186868&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&auid=732902569.1626275187&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

68e17b1669b3b110a5ba49af0c0d944f5129581bf7ed982c114be9215a77196e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/855808404/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855808404/?random=1626275186876&cv=9&fst=1626275186876&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93288115bac2a19911615326c3199363787f084b33c7a9870c15d7759137b62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068577810/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068577810/?random=1626275186877&cv=9&fst=1626275186877&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e484c62044892224d13f36e741c2142a7b1eaa68887377184020435c15bb605e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-108240197-1&cid=243511597.1626275187&jid=207746942&_u=aGBAAEAKAAAAAC~&z=1005226796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-108240197-1&cid=243511597.1626275187&jid=207746942&_u=aGBAAEAKAAAAAC~&z=1005226796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.c057a0a680ba2bae7796.js Show response
script.hotjar.com/ 219 KB
58 KB 45ms
15ms Script
application/javascript 13.224.96.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.c057a0a680ba2bae7796.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1263437.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-67.zrh50.r.cloudfront.net

Software

Resource Hash

cb90181b6bf15f3a6ac7cdb9fe1d93556420536f54ff831ebec5a653bf0bdcfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 07:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 632901
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59054
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 07:17:15 GMT
etag: "c4474e0a67f74d83e41d7cfcecc9929f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: aDmqzMUnizv6t2Y_hlGeYY7GmtPB5PL1g3xTiGpLVwSrUZKcsHgefA==

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 39ms
39ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ469T8&l=aaa_gtm_dm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
server: cafe
etag: 8394079078796230488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Jul 2021 15:06:26 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 52ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ469T8&l=aaa_gtm_dm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: 59E944231C0B491588DF791D13901342 Ref B: FRAEDGE1214 Ref C: 2021-07-14T15:06:26Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/855808404/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/855808404/?random=1626275186876&cv=9&fst=1626274800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=1599618161&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/855808404/ 42 B
64 B 28ms
26ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/855808404/?random=1626275186876&cv=9&fst=1626274800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=1599618161&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1068577810/ 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1068577810/?random=1626275186877&cv=9&fst=1626274800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=2766783475&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1068577810/ 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068577810/?random=1626275186877&cv=9&fst=1626274800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=2766783475&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 151370398805471 Show response
connect.facebook.net/signals/config/ 46 KB
12 KB 62ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/151370398805471?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

12ef95573e4dda2839777b1c63fe0b31d74e29149197e84fe5118c0a64737041

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 14Cl+pzAR2fGFrZBKnQk3O5jNxVLEMAT04LoLOWMF9z5jijArF7glC7SDrBjiS0FaXd8Uw9ZPc0bDyF7nZryMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1952064971507640&ev=PageView&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275186983&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 14 Jul 2021 15:06:26 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/747105695/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/747105695/?random=992719126&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=250505...
https://www.google.com/pagead/1p-conversion/747105695/?random=992719126&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=160...
https://www.google.de/pagead/1p-conversion/747105695/?random=992719126&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600...

42 B
64 B

27ms
26ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/747105695/?random=992719126&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&auid=732902569.1626275187&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=cv3uYOaGOIr3-gbb07zoBA&cid=CAQSKQCNIrLMJ7SeJPxt0I7AzbpHgq71cdxI2r_vBdYiCZcYiUVAAgBeGhWz&eitems=ChEI8Ja6hwYQy5GL4YS0p_zpARIdAOYcvXmb9V6tbCZ0hLurUNf_6NRZgrOouVy1ZlY&random=2649211743&resp=GooglemKTybQhCsO&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/747105695/?random=992719126&cv=9&fst=1626275186868&num=1&value=0&label=tM3fCIGX8bgBEJ_bn-QC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&auid=732902569.1626275187&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=cv3uYOaGOIr3-gbb07zoBA&cid=CAQSKQCNIrLMJ7SeJPxt0I7AzbpHgq71cdxI2r_vBdYiCZcYiUVAAgBeGhWz&eitems=ChEI8Ja6hwYQy5GL4YS0p_zpARIdAOYcvXmb9V6tbCZ0hLurUNf_6NRZgrOouVy1ZlY&random=2649211743&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5950377.js Show response
bat.bing.com/p/action/ 0
126 B 169ms
169ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5950377.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Jul 2021 15:06:26 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 4232CE7C0D92425482C772012A47D848 Ref B: FRAEDGE1214 Ref C: 2021-07-14T15:06:27Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/768643034/ 2 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/768643034/?random=1626275187029&cv=9&fst=1626275187029&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e82bb98d946df20b490b8ebdd6de2b5676d031fa9f17584142d75653ac103f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994591697/ 2 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994591697/?random=1626275187031&cv=9&fst=1626275187031&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92ab0091cc78d10d897387ddb871bc3291c4d5315fa5954e12ad68166e755424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/933849799/ 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933849799/?random=1626275187032&cv=9&fst=1626275187032&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127a5154aa648eaae14ba4645aa461a399ba03194812654c9ed7b2c5d4f011b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/995747453/ 2 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/995747453/?random=1626275187033&cv=9&fst=1626275187033&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f8056fc2975cc5ae70f9a1fd7898674db86ba52355e987814be6cb6e923f086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/969619756/ 2 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969619756/?random=1626275187034&cv=9&fst=1626275187034&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4af1abfa326cfab790450767ab91dbec2c84857fb7050a20995b8686fa45f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/997673764/ 2 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/997673764/?random=1626275187035&cv=9&fst=1626275187035&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1abcaf068f56e419faf1ca9eafc09a121e1937ca9ebf67d5aaf4cca6d981781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956500681/ 2 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956500681/?random=1626275187036&cv=9&fst=1626275187036&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b836ff22ac97f14d87668343c46ed94654ca7231f6c8d475696dc6b0900d5968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994252266/ 2 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994252266/?random=1626275187037&cv=9&fst=1626275187037&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff0dc2c452a9e5049f4d558165d67fc1791e737fb6b7e76eb9e33038bc8cfaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/836762974/ 2 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/836762974/?random=1626275187038&cv=9&fst=1626275187038&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d1f68b9a889a6f582fc0b589ae76a136236812bb521efd0972a4193af26448d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801538853/ 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801538853/?random=1626275187039&cv=9&fst=1626275187039&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

746dd3d15a71553a2be3c7c5fc387057ca2645962e9bbeea46b5bd9e1c08785c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956500441/ 2 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956500441/?random=1626275187040&cv=9&fst=1626275187040&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95bbc34e0835607c1dc8019fc6ed837652f11c72c95caad9020a9e67adf803d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/962827280/ 2 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962827280/?random=1626275187041&cv=9&fst=1626275187041&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dbbb6167bb815961271c749ce7e365be050638eb2ef1fb29a3419440edecdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
www.ometrics.com/widget/ 8 KB
2 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::681a:5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ometrics.com/widget/style.css
Requested by: Host: www.ometrics.com
URL: https://www.ometrics.com/widget/widget-ometrics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec20f3c85c4aaabb5548082c5d1315b6df92703869cb8d68a2ab9cb370f1bd7

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2579387
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Aug 2019 12:50:26 GMT
server: cloudflare
etag: W/"1f42-590a0046ad578-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2Q5G5IZQI32UbZUCRpvYJh2QuGNPOsiruChdBVr3W64n8wXxUzkpPPYzpLmdG%2FgLbUm56sbrUH6pqtwhixXAURRfsyrPWLLMIk0%2Ble3U1jBSXAW0%2FvDLx6X4xaQd1k8HkxaqcATUSStuvFWutA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 66eba7af0897d6d1-FRA
expires: Tue, 14 Jun 2022 18:36:40 GMT

GET
H2 200 ometrics-20210405.js Show response
www.ometrics.com/widget/ 135 KB
43 KB 47ms
47ms Script
application/x-javascript 2606:4700:20::681a:5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ometrics.com/widget/ometrics-20210405.js
Requested by: Host: www.ometrics.com
URL: https://www.ometrics.com/widget/widget-ometrics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3055eaa4cdd4657b25fbb5c38b3f0385d13748828c3955080d76873acc2b4226

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1600
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 09 Apr 2021 19:30:10 GMT
server: cloudflare
etag: W/"21ce2-5bf8f313f14bc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VnTb3fMIC5k0Sz9kvgY5bl%2B7hJf8pbLgYAFe8Wr1LMX3OWEiDwhXbLStc5G4wxD9VVXMWNlHcR7O50zHj9WpU%2B2Kv%2B2%2FE1TgW%2BoSJGPApMu1yn8AswxzdQC7%2F%2FsojY1ouCKo6jtfBEuLidbCZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 66eba7af089dd6d1-FRA
expires: Wed, 14 Jul 2021 15:09:47 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 5 KB
2 KB 53ms
25ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=128055&u=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&f=1&r=0.7183792435702845
Requested by: Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: a1bcd010e1c02dce034e23482d2a4b696c3fa0de02575b472426aa98b5e16f5d

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Jul 2021 15:06:26 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 footer.html Show response
westerncentralny.aaa.com/remote/ Frame 81FF 13 KB
4 KB 118ms
117ms Document
text/html 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/remote/footer.html
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-wcny-web/remote/footer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache/2.4.46 (Amazon) Communique/4.2.0 /
Resource Hash: 63270488d3166243355692c5582ca168dfae8091107a5a5605ccb1e9f52c727b

Request headers

:method: GET
:authority: westerncentralny.aaa.com
:scheme: https
:path: /remote/footer.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auth.westerncentralnyaaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://auth.westerncentralnyaaa.com/

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-type: text/html; charset=utf-8
server: Apache/2.4.46 (Amazon) Communique/4.2.0
cache-control: no-store, no-cache
last-modified: Wed, 14 Jul 2021 13:58:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
set-cookie: visid_incap_2501908=vFecQ834RZSzRgz8CUI+k3H97mAAAAAAQUIPAAAAAADEq1zWHRQe8G7l5PNwuV8C; expires=Thu, 14 Jul 2022 07:29:53 GMT; HttpOnly; path=/; Domain=.aaa.com nlbi_2501908=z+s5FBcv/WhwH00uA9bPIwAAAACwIFd65vCEb9OPXEQwkTRN; path=/; Domain=.aaa.com incap_ses_1342_2501908=6C2TaDxnezvBxENYGb6fEnL97mAAAAAAIQdHS6RW298i7gA7p7wmbQ==; path=/; Domain=.aaa.com
x-cdn: Imperva
x-iinfo: 9-11629585-11629586 NNNN CT(2 8 0) RT(1626275186821 0) q(0 0 0 0) r(0 0) U12

GET
H2 200 bootstrap.js Show response
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/ 74 KB
16 KB 9ms
7ms Script
application/javascript 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://auth.westerncentralnyaaa.com
Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2105549
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 16133
etag: W/"126dc-ESd/TgTPBwo1DlZrBT7yIVmTcgw"
x-served-by: cache-fra19131-FRA, cache-hhn4053-HHN
date: Wed, 14 Jul 2021 15:06:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=ef5160ee-fd73-4500-866a-bebaee9e2be7&ddsuuid=86231085222053979733060319419620284320
dpm.demdex.net/ Frame E64F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=86231085222053979733060319419620284320&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d86231085222053...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=ef5160ee-fd73-4500-866a-bebaee9e2be7&ddsuuid=86231085222053979733060319419620284320

42 B
958 B

53ms
53ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=ef5160ee-fd73-4500-866a-bebaee9e2be7&ddsuuid=86231085222053979733060319419620284320

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0d5da488f.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0N1auKp8TUc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 14 Jul 2021 15:08:42 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=ef5160ee-fd73-4500-866a-bebaee9e2be7&ddsuuid=86231085222053979733060319419620284320
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 14 Jul 2021 15:08:41 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/768643034/ 42 B
64 B 28ms
26ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/768643034/?random=1626275187029&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=2200387663&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/768643034/ 42 B
64 B 27ms
25ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/768643034/?random=1626275187029&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=2200387663&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 1146641878765458 Show response
connect.facebook.net/signals/config/ 46 KB
12 KB 65ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1146641878765458?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32a0a8d773f89385c6d3056ba52d1e29efdd9732bd5eded09c7c0241b83d7d33

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: RzN9D+mAAMRMM3KQm1VA57fmvFNnNa2ZKSVjbJy1J5/13ouOlw0nLT8a/6tv5VJp6X1Dqum+HfhItwh4mI12Bg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 15ms
13ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=151370398805471&ev=PageView&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275187125&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:27 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/933849799/ 42 B
64 B 24ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/933849799/?random=1626275187032&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=4149739709&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/933849799/ 42 B
64 B 23ms
21ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/933849799/?random=1626275187032&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=4149739709&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/969619756/ 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/969619756/?random=1626275187034&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=4052687087&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/969619756/ 42 B
64 B 22ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/969619756/?random=1626275187034&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=4052687087&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/994591697/ 42 B
64 B 20ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994591697/?random=1626275187031&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=3280638713&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/994591697/ 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994591697/?random=1626275187031&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=3280638713&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/997673764/ 42 B
64 B 22ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/997673764/?random=1626275187035&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=1079194978&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/997673764/ 42 B
64 B 22ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/997673764/?random=1626275187035&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=1079194978&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/801538853/ 42 B
64 B 25ms
23ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801538853/?random=1626275187039&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=598223960&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/801538853/ 42 B
64 B 30ms
28ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801538853/?random=1626275187039&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=598223960&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/956500681/ 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956500681/?random=1626275187036&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=3572167699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/956500681/ 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956500681/?random=1626275187036&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=3572167699&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/836762974/ 42 B
64 B 23ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/836762974/?random=1626275187038&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=1158766911&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/836762974/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/836762974/?random=1626275187038&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=1158766911&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/962827280/ 42 B
64 B 29ms
23ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/962827280/?random=1626275187041&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=2627434088&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/962827280/ 42 B
64 B 26ms
21ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/962827280/?random=1626275187041&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=2627434088&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/956500441/ 42 B
64 B 27ms
22ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956500441/?random=1626275187040&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=1408345074&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/956500441/ 42 B
64 B 26ms
22ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956500441/?random=1626275187040&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=1408345074&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/994252266/ 42 B
64 B 26ms
22ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994252266/?random=1626275187037&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=2972063537&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/994252266/ 42 B
64 B 25ms
21ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994252266/?random=1626275187037&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=2972063537&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/995747453/ 42 B
64 B 26ms
22ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/995747453/?random=1626275187033&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=3737590740&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/995747453/ 42 B
64 B 25ms
21ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/995747453/?random=1626275187033&cv=9&fst=1626274800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7c0&sendb=1&frm=0&url=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&tiba=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&async=1&fmt=3&is_vtc=1&random=3737590740&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 va-9d6ac57dbcbba3321dd904e6ee78b647.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 213 KB
61 KB 46ms
19ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=128055&u=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&f=1&r=0.7183792435702845
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 1dd62091424fb267c6eabbeb18c97f8a8613555ca43613e57a850214518c7c9d

Request headers

Origin: https://auth.westerncentralnyaaa.com
Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 15:25:31 GMT
server: gfra1
etag: "60edb06b-f2d9"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62169
via: 1.1 google

GET
H3-29 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 136ms
111ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=128055&d=auth.westerncentralnyaaa.com&u=DB4761D9C1BFCB5ED1D9EE1688BAE6F0A&h=12775618b1af36ac8b4db01f93064a1c&t=false&r=0.35710714697564017

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 jquery.min.js Show response
westerncentralny.aaa.com/etc/clientlibs/aaa-core/thirdparty/ Frame 81FF 94 KB
33 KB 105ms
103ms Script
text/javascript 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-core/thirdparty/jquery.min.js
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c1cea713de0dd0e9a3bb4bb1d59ef381d32c347e41256335f31713e1d8a2643c

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 19:25:44 GMT
x-cdn: Imperva
etag: "f2838f32"
content-type: text/javascript
x-iinfo: 9-11629612-0 0CNN RT(1626275186950 0) q(0 -1 -1 2) r(0 -1)
cache-control: max-age=1322, public
content-length: 33225
expires: Wed, 14 Jul 2021 15:28:28 GMT

GET
H2 200 remote-libs.min.css
westerncentralny.aaa.com/etc/clientlibs/aaa-ne-web/core/ Frame 81FF 270 KB
44 KB 201ms
199ms Stylesheet
text/css 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-ne-web/core/remote-libs.min.css
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 45614c8641924df583fcb7fc7c2ddb55f31e5bde3022066403596c4000cc0615

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 19:30:30 GMT
x-cdn: Imperva
etag: "930e9b7c"
content-type: text/css
x-iinfo: 9-11629610-11627939 2CNN RT(1626275186950 0) q(0 0 0 0) r(0 0)
cache-control: max-age=1322, public
content-length: 44361
expires: Wed, 14 Jul 2021 15:28:28 GMT

GET
H2 200 remote.min.css
westerncentralny.aaa.com/etc/clientlibs/aaa-wcny-web/ Frame 81FF 33 KB
7 KB 310ms
309ms Stylesheet
text/css 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-wcny-web/remote.min.css
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5f43e3c6bb729ac246a4324df2dacec04c95f3cfa369df7721031e4afc1d698b

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 19:23:41 GMT
x-cdn: Imperva
etag: "53eacf50"
content-type: text/css
x-iinfo: 9-11629611-11627947 2CNN RT(1626275186950 0) q(0 0 0 1) r(0 0)
cache-control: max-age=2632, public
content-length: 6598
expires: Wed, 14 Jul 2021 15:50:18 GMT

GET
H2 200 remote-libs.min.js Show response
westerncentralny.aaa.com/etc/clientlibs/aaa-ne-web/core/ Frame 81FF 486 KB
126 KB 311ms
310ms Script
text/javascript 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-ne-web/core/remote-libs.min.js
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 724a466ae26e610fdc3e7beeef792226a763cd88ca2278f6024ab8394e6fa80e

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 19:33:31 GMT
x-cdn: Imperva
etag: "041fd813"
content-type: text/javascript
x-iinfo: 9-11629613-11629615 2CNN RT(1626275186952 0) q(0 0 0 1) r(0 0)
cache-control: max-age=1322, public
content-length: 128700
expires: Wed, 14 Jul 2021 15:28:28 GMT

GET
H2 200 remote.min.js Show response
westerncentralny.aaa.com/etc/clientlibs/aaa-wcny-web/ Frame 81FF 4 KB
2 KB 311ms
310ms Script
text/javascript 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-wcny-web/remote.min.js
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8d0f8d2729c285dbfc4c28e86bce4ea84111ad9b2f70b62a8fcde00a00446eaf

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 19:37:08 GMT
x-cdn: Imperva
etag: "617e9aee"
content-type: text/javascript
x-iinfo: 9-11629614-11627963 2CNN RT(1626275186953 0) q(0 0 0 1) r(0 0)
cache-control: max-age=1322, public
content-length: 1369
expires: Wed, 14 Jul 2021 15:28:28 GMT

GET
H2 200 logo-apple.svg
westerncentralny.aaa.com/content/dam/aaa-ne-web/Images/LogosIcons/ Frame 81FF 7 KB
3 KB 105ms
103ms Image
image/svg+xml 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/content/dam/aaa-ne-web/Images/LogosIcons/logo-apple.svg
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8502e8bc6027bc4c91a2123eae71c971d9d7adc077c57a03dd11524f0378dbbf

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 17:36:48 GMT
x-cdn: Imperva
etag: "4990ede1"
content-type: image/svg+xml
x-iinfo: 9-11629652-11628729 2CNN RT(1626275187283 0) q(0 0 0 0) r(0 0)
cache-control: max-age=2666, public
content-length: 2810
expires: Wed, 14 Jul 2021 15:50:53 GMT

GET
H2 200 icon-googleplay.svg
westerncentralny.aaa.com/content/dam/aaa-ne-web/Images/LogosIcons/ Frame 81FF 5 KB
2 KB 105ms
103ms Image
image/svg+xml 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/content/dam/aaa-ne-web/Images/LogosIcons/icon-googleplay.svg
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 90652af82c8c9317c117cf87f35754fbb850567ef22e44c57c5cb9690b86f965

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 17:36:48 GMT
x-cdn: Imperva
etag: "afc522c4"
content-type: image/svg+xml
x-iinfo: 9-11629663-11629615 2CNN RT(1626275187357 0) q(0 0 0 0) r(0 0)
cache-control: max-age=2844, public
content-length: 1474
expires: Wed, 14 Jul 2021 15:53:51 GMT

GET
H2 200 youtube.png
westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/ Frame 81FF 8 KB
8 KB 105ms
104ms Image
image/png 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/youtube.png
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 4aeb16e1ea0c842e91d39b1a6eca074e93ab693352598b462319c85c1fdb23db

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
last-modified: Wed, 23 Jun 2021 16:03:22 GMT
x-cdn: Imperva
etag: "5e44009a"
content-type: image/png
x-iinfo: 9-11629671-0 0CNN RT(1626275187416 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=1326, public
content-length: 7683
expires: Wed, 14 Jul 2021 15:28:33 GMT

GET
H2 200 linkedin.svg
westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/ Frame 81FF 3 KB
2 KB 107ms
106ms Image
image/svg+xml 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/linkedin.svg
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9e5dd9c839201e7073f3f978c38dbb26170dde154e0058e1080adfeef3618ffc

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 17:37:43 GMT
x-cdn: Imperva
etag: "8adf45a8"
content-type: image/svg+xml
x-iinfo: 9-11629672-11628729 2CNN RT(1626275187417 0) q(0 0 0 1) r(0 0)
cache-control: max-age=2843, public
content-length: 1888
expires: Wed, 14 Jul 2021 15:53:50 GMT

GET
H2 200 facebook-wht.svg
westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/ Frame 81FF 2 KB
2 KB 109ms
108ms Image
image/svg+xml 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/facebook-wht.svg
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a22f32204b33e23ae314fbff464b5517df5a441dc7124e2e8775e6b238a80fdf

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 17:37:43 GMT
x-cdn: Imperva
etag: "e867369f"
content-type: image/svg+xml
x-iinfo: 9-11629673-11626802 2CNN RT(1626275187418 0) q(0 0 0 1) r(0 0)
cache-control: max-age=2843, public
content-length: 1271
expires: Wed, 14 Jul 2021 15:53:50 GMT

GET
H2 200 twitter-wht.svg
westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/ Frame 81FF 9 KB
5 KB 107ms
106ms Image
image/svg+xml 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/twitter-wht.svg
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 18a7917b58cd4c9c593d8a99b53269e1307be22454436c50de97a489ca484dc1

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 17:37:53 GMT
x-cdn: Imperva
etag: "000cbc84"
content-type: image/svg+xml
x-iinfo: 9-11629674-0 0CNN RT(1626275187420 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=1325, public
content-length: 4513
expires: Wed, 14 Jul 2021 15:28:32 GMT

GET
H2 200 instagram.svg
westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/ Frame 81FF 4 KB
1 KB 118ms
117ms Image
image/svg+xml 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/content/dam/aaa-wcny-web/images/icon/instagram.svg
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 317ac0633e7c3a2be9606727ecb1e5a893380b482ea8ca3fbfc33cd8d69b3a8f

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 17:37:46 GMT
x-cdn: Imperva
etag: "593915e1"
content-type: image/svg+xml
x-iinfo: 9-11629675-11628729 2CNN RT(1626275187420 0) q(0 0 0 1) r(0 0)
cache-control: max-age=2843, public
content-length: 1150
expires: Wed, 14 Jul 2021 15:53:50 GMT

GET
H2 200 aaa-logo.png
westerncentralny.aaa.com/content/dam/aaa-ne-web/Images/LogosIcons/ Frame 81FF 1 KB
1 KB 118ms
117ms Image
image/png 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/content/dam/aaa-ne-web/Images/LogosIcons/aaa-logo.png
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6056c68bc16bf95b2ba1c0d3eb5af8d35a9a2d57a97858b32554d2f63261789d

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
last-modified: Mon, 12 Jul 2021 17:38:41 GMT
x-cdn: Imperva
etag: "78bf2413"
content-type: image/png
x-iinfo: 9-11629676-11629630 2CNN RT(1626275187421 0) q(0 0 0 0) r(0 0)
cache-control: max-age=2842, public
content-length: 1084
expires: Wed, 14 Jul 2021 15:53:49 GMT

GET
H2 200 _Incapsula_Resource Show response
westerncentralny.aaa.com/ Frame 81FF 134 KB
19 KB 116ms
115ms Script
application/javascript 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=819579203
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e7ba0b391476e3604bedb38c57ad38f6e1568408a075e3a7218c7e2d0c5881cb

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19405
content-type: application/javascript

GET
H/1.1 200
OK AAA_ActionTags.js Show response
www.aaa.com/configuration/SEM/ 55 KB
14 KB 135ms
133ms Script
application/x-javascript 209.82.215.211
NET-AAA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aaa.com/configuration/SEM/AAA_ActionTags.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 209.82.215.211 , United States, ASN12090 (NET-AAA, US),
Reverse DNS
Software: WebServer /
Resource Hash: 7fde221486c3e05f825980fec689e0671182230722188921d256b58a7383d9cb

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jul 2019 18:06:54 GMT
Server: WebServer
ETag: "0b3e3168136d51:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI PUR COM NAV INT DEM STA PRE"
UniqueName: HEATHWWW4
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 13588

GET
H3-29 200 144988346136515 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 74ms
73ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/144988346136515?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ff078dda2ca251d2adae38ccc199d0a3ca7079c32d0caeced79a4080286b6ee

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: QD+P3LMt/v0n75Jq6liHRB0yLa8ZxyQXJ0js+QkjUP9c7H5UYPqEjWMdJQ6ZGRCoVzzIdjhFoGQWzZiEFo1Bdw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1146641878765458&ev=PageView&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275187200&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:27 GMT

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=iZFsWP2t1M3GsX5
dpm.demdex.net/ Frame E64F
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=iZFsWP2t1M3GsX5

42 B
958 B

47ms
44ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=iZFsWP2t1M3GsX5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0724e0829.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BiCjNWXbTVw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 14 Jul 2021 15:06:26 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=iZFsWP2t1M3GsX5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 390 KB
48 KB 46ms
44ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=128055&settings_type=1&vn=7.0&r=0.44580059153828255
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 7108fc2964405bd367c126687b5a991a93291d39706867c747b58a07f3f615a1

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H3-29 200 502648527231514 Show response
connect.facebook.net/signals/config/ 46 KB
12 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/502648527231514?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b5f437c1ae3fe3b1599c5f8b66b812974e4bd1fd15653d0b35921bcc150985d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: qeqHH4FnhIGuNb6kOxK1/sFrYesRikOwenn9OyW3+6nwkaVU698i3UXRCTLKxE1LueYALVy7Mg0/SM4Cz9tQtg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=144988346136515&ev=PageView&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275187311&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:27 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=1ea309485c02934841ed23722f8b8d23333179eb24651f37fc6aafad0b0fa47fb0da87c991749652
dpm.demdex.net/ Frame E64F
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=86231085222053979733060319419620284320
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODYyMzEwODUyMjIwNTM5Nzk3MzMwNjAzMTk0MTk2MjAyODQzMjAQABoNCPP6u4cGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=1ea309485c02934841ed23722f8b8d23333179eb24651f37fc6aafad0b0fa47fb0da87c991749652

42 B
958 B

44ms
43ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=1ea309485c02934841ed23722f8b8d23333179eb24651f37fc6aafad0b0fa47fb0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0921ed35a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9wJM0ha2RNU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 14 Jul 2021 15:06:27 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=1ea309485c02934841ed23722f8b8d23333179eb24651f37fc6aafad0b0fa47fb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=2670741592686903522
dpm.demdex.net/ Frame E64F
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2670741592686903522

42 B
958 B

46ms
44ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=2670741592686903522

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0ce83c453.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Pv/fR+ZiS4E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=2670741592686903522
pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3-29 200 136696297006053 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 256ms
255ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/136696297006053?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

281031a90f0e9d98e734cf0a710f843df50a79029597b343c35e03354d24b523

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: VGXCI0STXBQuYMWs2JHjVEE1lhIiRYybtPtP6wQHkIvKASDgG0iAkZokHnaeoAQzMPDWgNxfNR6K9NVGH2rnRw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=502648527231514&ev=PageView&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275187455&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=28&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:27 GMT

GET
H/1.1 200
OK dm_gtm.js Show response
www.aaa.com/aaa/common/javascripts/ 1 KB
1 KB 130ms
130ms Script
application/x-javascript 209.82.215.211
NET-AAA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aaa.com/aaa/common/javascripts/dm_gtm.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 209.82.215.211 , United States, ASN12090 (NET-AAA, US),
Reverse DNS
Software: WebServer /
Resource Hash: 059d3c257d61801506bdc30c1cfcc61fbdf4c5c94a4163bc0c62ee153253b609

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jan 2019 21:13:43 GMT
Server: WebServer
ETag: "801d61decda6d41:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI PUR COM NAV INT DEM STA PRE"
Cache-Control: max-age=86400
UniqueName: HEATHWWW4
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 697

GET
H2 200 365868.gif
idsync.rlcdn.com/ Frame E64F 42 B
318 B 27ms
25ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=86231085222053979733060319419620284320
Requested by: Host: aaanortheast.demdex.net
URL: https://aaanortheast.demdex.net/dest5.html?d_nsid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Jul 2021 15:06:27 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1 200
OK cookienational.min.js Show response
www.aaa.com/jsincludes/cookie/ Frame 81FF 2 KB
1 KB 133ms
132ms Script
application/x-javascript 209.82.215.211
NET-AAA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aaa.com/jsincludes/cookie/cookienational.min.js?_=1626275187439
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-core/thirdparty/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 209.82.215.211 , United States, ASN12090 (NET-AAA, US),
Reverse DNS
Software: WebServer /
Resource Hash: 37de4c1fefde22d5de8dafbbd67512401600f61e32605902822b8d12476a56a5

Request headers

Referer: https://westerncentralny.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Mar 2012 12:52:04 GMT
Server: WebServer
ETag: "0b216ee97fbcc1:0"
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI PUR COM NAV INT DEM STA PRE"
UniqueName: HEATHWWW4
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 761

GET
H2 200 RobotoSlab-Bold-webfont.woff
westerncentralny.aaa.com/etc/clientlibs/aaa-core/thirdparty/font_robotoslab/fonts/robotoslab_bold/ Frame 81FF 138 KB
138 KB 130ms
129ms Font
application/octet-stream 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-core/thirdparty/font_robotoslab/fonts/robotoslab_bold/RobotoSlab-Bold-webfont.woff
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-ne-web/core/remote-libs.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache/2.4.46 (Amazon) Communique/4.2.0 /
Resource Hash: 4bdf03312a9acf71632ddb3c69a1564cdbe3ced5a7d8b406abcb50faf470a28d

Request headers

Origin: https://westerncentralny.aaa.com
Referer: https://westerncentralny.aaa.com/etc/clientlibs/aaa-ne-web/core/remote-libs.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 17:36:52 GMT
server: Apache/2.4.46 (Amazon) Communique/4.2.0
vary: Accept-Encoding
x-iinfo: 9-11629678-11629615 2NNN RT(1626275187429 0) q(0 0 0 0) r(0 0) U12
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 Roboto-Light-webfont.woff
westerncentralny.aaa.com/etc/clientlibs/aaa-core/thirdparty/font_roboto/fonts/roboto_light/ Frame 81FF 24 KB
25 KB 124ms
124ms Font
application/octet-stream 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-core/thirdparty/font_roboto/fonts/roboto_light/Roboto-Light-webfont.woff
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/etc/clientlibs/aaa-ne-web/core/remote-libs.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache/2.4.46 (Amazon) Communique/4.2.0 /
Resource Hash: 94e3c960e7ac7a42aac1f0a681c9e4d497c626c0ee7593de6450410b6d4b26fd

Request headers

Origin: https://westerncentralny.aaa.com
Referer: https://westerncentralny.aaa.com/etc/clientlibs/aaa-ne-web/core/remote-libs.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 17:36:55 GMT
server: Apache/2.4.46 (Amazon) Communique/4.2.0
vary: Accept-Encoding
x-iinfo: 9-11629679-11628729 2NNN RT(1626275187431 0) q(0 0 0 1) r(0 0) U12
accept-ranges: bytes
content-length: 24525
x-cdn: Imperva

GET
H2

200

nl_status Show response
auth.westerncentralnyaaa.com/membership/ Frame 81FF
Redirect Chain

https://auth.westerncentralny.aaa.com/membership/nl_status?callback=jQuery1113023443212499124555_1626275187440&_=1626275187441
https://auth.westerncentralnyaaa.com/membership/nl_status?callback=jQuery1113023443212499124555_1626275187440&_=1626275187441

78 B
495 B

162ms
162ms

Script
text/javascript

2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/membership/nl_status?callback=jQuery1113023443212499124555_1626275187440&_=1626275187441

Requested by

Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3547dcdaa73babab6b7d8cd1d692f0673da1a737ee1a1ba17af0b487eac516

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /membership/nl_status?callback=jQuery1113023443212499124555_1626275187440&_=1626275187441
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.westerncentralnyaaa.com
referer: https://westerncentralny.aaa.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://westerncentralny.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="CAO DSP CURa DEVa PSAa PSDa OUR DELa STP BUS PHY ONL UNI PUR COM NAV DEM"
x-ua-compatible: IE=edge
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-language: en
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: must-revalidate, no-cache, private
cf-ray: 66eba7b53c6d4ab5-FRA
expires: Sun, 19 Nov 1978 05:00:00 GMT

Redirect headers

Location: https://auth.westerncentralnyaaa.com/membership/nl_status?callback=jQuery1113023443212499124555_1626275187440&_=1626275187441
Date: Wed, 14 Jul 2021 15:06:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame E64F 43 B
278 B 350ms
200ms Image
image/gif 2606:4700::6812:b4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=86231085222053979733060319419620284320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 15 Sep 2017 19:12:19 GMT
server: cloudflare
etag: "59bc2613-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
accept-ranges: bytes
cf-ray: 66eba7b3f9514aaa-FRA
content-length: 43

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
67 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6BPC96&l=aaa_gtm_prod

Requested by

Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09b45fc6b2b5318586d204b7ffed361c98475c7998084adfa6a0efee25c3cb4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68873
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:06:27 GMT

GET
H2 200 RC91b21dcdab064ea7b60d182a7d11aa2c-source.min.js Show response
assets.adobedtm.com/5ddcd7778a26/14e4d0835427/8700c0365e93/ 445 B
565 B 16ms
16ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/8700c0365e93/RC91b21dcdab064ea7b60d182a7d11aa2c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fd0552012948bb3c028765c937bff5092e63e9ffbf9d014023dd4e95727e8bf0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Fri, 21 May 2021 19:49:16 GMT
server: AkamaiNetStorage
etag: "0c409c6a18d3be7fa82365649deb9c8e:1621626556.711041"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 292
expires: Wed, 14 Jul 2021 16:06:27 GMT

GET
H2 200 RC7386f8b998a74c0b974b213e2ea91468-source.min.js Show response
assets.adobedtm.com/5ddcd7778a26/14e4d0835427/8700c0365e93/ 373 B
513 B 16ms
16ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/8700c0365e93/RC7386f8b998a74c0b974b213e2ea91468-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ddcd7778a26/14e4d0835427/launch-5fcb88890edd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bb77857d931dcf91a6034e31513032fa72e17926b3d5d8a33f5cdc085ff68097

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
last-modified: Fri, 21 May 2021 19:49:16 GMT
server: AkamaiNetStorage
etag: "0c409c6a18d3be7fa82365649deb9c8e:1621626556.711041"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 239
expires: Wed, 14 Jul 2021 16:06:27 GMT

GET
H2 200 ijs_all_modules_08432f9ab25331ff443d33817ff6196d.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 475 KB
115 KB 154ms
12ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_08432f9ab25331ff443d33817ff6196d.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/4582/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9e46c5a7440c5c45e9317f8aa00e68a946c94ea2397f8b4ae345d563b89a9707

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 11:05:27 GMT
content-encoding: gzip
age: 14460
x-guploader-uploadid: ADPycdsFnQxYZtMc8xwQoOPgMZmKApBNRKTwqEH1SH7SudExBgVFPkJm7vSwtXQGvbAG70_1u6qnrjDrEKjv6G-RxBK3HCXTCg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 116943
last-modified: Thu, 08 Jul 2021 15:09:55 GMT
server: UploadServer
etag: "3eeab5f89ca487ac5bbddab066b8a75c"
vary: Accept-Encoding
x-goog-hash: crc32c=kt0XVg==, md5=Puq1+Jykh6xbvdqwZrinXA==
x-goog-generation: 1625756995683695
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 116943
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 14 Jul 2022 11:05:27 GMT

GET
H2 200 widget.php Show response
www.ometrics.com/widget/ 4 KB
2 KB 758ms
757ms Script
application/json 2606:4700:20::681a:5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ometrics.com/widget/widget.php?ae90208b28aa0033ab884efac9e1890e&https://auth.westerncentralnyaaa.com/membership/member-login&&member-login&aHR0cHM6Ly9hdXRoLndlc3Rlcm5jZW50cmFsbnlhYWEuY29tL21lbWJlcnNoaXAvbWVtYmVyLWxvZ2lu&callback=jQuery1102025751205411658185_1626275187152&_=1626275187153
Requested by: Host: www.ometrics.com
URL: https://www.ometrics.com/widget/ometrics-20210405.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15
Resource Hash: 5331de4b8266769c78dd3eae3c4f70c4d70f369141650c8e7f554b6f9af1e748

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.15
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzW2f33BfFM5IQjiFBcN5YyuZe6%2FjnpnNN8%2B8sFbG%2FlhrF7Y3ySo71PWJkKJWQBRgRISmxX0flNRXk%2Bh5R3RCpEwYi4d998Ym8Ob2kHpW%2Bb8B7%2FNPnfvUXq7B1rCPUo4rkBRpJub6QVI2Mj1WSg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 66eba7b319e4d6d1-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 4266504.js Show response
js.hs-scripts.com/ 2 KB
1 KB 558ms
433ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4266504.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNSMVG
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e512e866277f46b94c383be1aab4fbb863312254c1286c7a2e583055cef0b0f8

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-hubspot-correlation-id: 3c750892-4d48-4ba4-ac10-0e15cf8b5bab
x-trace: 2B94EF5A4045D1BD53F2CDC618806529105FCFEDD6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://auth.westerncentralnyaaa.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 66eba7b3ea0005d8-FRA
expires: Wed, 14 Jul 2021 15:07:28 GMT

POST
H2 200 rum Show response
auth.westerncentralnyaaa.com/cdn-cgi/ 0
100 B 22ms
21ms XHR
text/plain 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/cdn-cgi/rum?req_id=66eba7a4986d4ab5

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://auth.westerncentralnyaaa.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8; at_check=true; _gcl_au=1.1.732902569.1626275187; AMCVS_F5237FF958248ED40A495E58%40AdobeOrg=1; _ga=GA1.2.243511597.1626275187; _gid=GA1.2.157641408.1626275187; _gat_UA-108240197-1=1; mbox=session#2d104d655c0246c0a70afc82a7b161cb#1626277047|PC#2d104d655c0246c0a70afc82a7b161cb.37_0#1689519987; _fbp=fb.1.1626275186981.342864295; _hjTLDTest=1; _hjid=5f912212-6efc-4fa5-b57c-73874adfa65a; _hjFirstSeen=1; AMCV_F5237FF958248ED40A495E58%40AdobeOrg=-1124106680%7CMCIDTS%7C18823%7CMCMID%7C85823009917147503553083112552975301606%7CMCAAMLH-1626879986%7C6%7CMCAAMB-1626879986%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1626282386s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18830%7CvVersion%7C5.2.0; gpv_e5=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York; gpv_e10=auth.westerncentralnyaaa.com%2Fmembership%2Fmember-login; _vwo_uuid_v2=DB4761D9C1BFCB5ED1D9EE1688BAE6F0A|12775618b1af36ac8b4db01f93064a1c; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=DB4761D9C1BFCB5ED1D9EE1688BAE6F0A; _vwo_ds=3%241626275186%3A16.5729177%3A%3A; _vwo_sn=0%3A1
content-length: 62989
:path: /cdn-cgi/rum?req_id=66eba7a4986d4ab5
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://auth.westerncentralnyaaa.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 66eba7b33e864ab5-FRA
vary: Origin

POST
H2 200 rum Show response
auth.westerncentralnyaaa.com/cdn-cgi/ 0
244 B 20ms
19ms XHR
text/plain 2606:4700:10::ac43:199b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.westerncentralnyaaa.com/cdn-cgi/rum?req_id=66eba7a4986d4ab5

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:199b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://auth.westerncentralnyaaa.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: SSESS4936356d821b25cdb1cebf418e73bccf=gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8; at_check=true; _gcl_au=1.1.732902569.1626275187; AMCVS_F5237FF958248ED40A495E58%40AdobeOrg=1; _ga=GA1.2.243511597.1626275187; _gid=GA1.2.157641408.1626275187; _gat_UA-108240197-1=1; mbox=session#2d104d655c0246c0a70afc82a7b161cb#1626277047|PC#2d104d655c0246c0a70afc82a7b161cb.37_0#1689519987; _fbp=fb.1.1626275186981.342864295; _hjTLDTest=1; _hjid=5f912212-6efc-4fa5-b57c-73874adfa65a; _hjFirstSeen=1; AMCV_F5237FF958248ED40A495E58%40AdobeOrg=-1124106680%7CMCIDTS%7C18823%7CMCMID%7C85823009917147503553083112552975301606%7CMCAAMLH-1626879986%7C6%7CMCAAMB-1626879986%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1626282386s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18830%7CvVersion%7C5.2.0; gpv_e5=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York; gpv_e10=auth.westerncentralnyaaa.com%2Fmembership%2Fmember-login; _vwo_uuid_v2=DB4761D9C1BFCB5ED1D9EE1688BAE6F0A|12775618b1af36ac8b4db01f93064a1c; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=DB4761D9C1BFCB5ED1D9EE1688BAE6F0A; _vwo_ds=3%241626275186%3A16.5729177%3A%3A; _vwo_sn=0%3A1
content-length: 5262
:path: /cdn-cgi/rum?req_id=66eba7a4986d4ab5
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: auth.westerncentralnyaaa.com
referer: https://auth.westerncentralnyaaa.com/membership/member-login
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://auth.westerncentralnyaaa.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 66eba7b34eb74ab5-FRA
vary: Origin

GET
H2 204 0
bat.bing.com/action/ 0
172 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5950377&tm=gtm001&Ver=2&mid=ff36dea6-97df-4d8d-b16b-1047f4ab77a8&sid=1037cb60e4b511ebad21e70818223404&vid=1037e1c0e4b511ebb1393d5416d8e711&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&p=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&r=&lt=3382&evt=pageLoad&msclkid=N&sv=1&rn=891677
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2A0F9932C8784FD897D993EC1157EEDA Ref B: FRAEDGE1214 Ref C: 2021-07-14T15:06:27Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 252402119274800 Show response
connect.facebook.net/signals/config/ 46 KB
12 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/252402119274800?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2865048f681166c9a6275162cd21f9831f551c0cb4590f7d0ecff0a480a6b596

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: hAthuEhaqgxk8RTbVvAk3ZySJwEjSxuL7+cEOrwaZq8tHBrDXIrozuekYGassD5gDkE/VGNmJNG7tM/Jlg5U/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=136696297006053&ev=PageView&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275187742&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:27 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 7E78 2 KB
1 KB 40ms
12ms Document
text/html 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1263437.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auth.westerncentralnyaaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://auth.westerncentralnyaaa.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 1-TwN_bLLtUQ95mUUaN8jAig9ZvtOYcKoIE9e30g1g_V_arR-hO5gw==
age: 846165

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=e1945520-5142-4975-9f50-c36edbc7aff0
dpm.demdex.net/ Frame E64F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e1945520-5142-4975-9f50-c36edbc7aff0

42 B
958 B

44ms
43ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=e1945520-5142-4975-9f50-c36edbc7aff0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0f1d2efda.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: I9sfgSzzT+g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=e1945520-5142-4975-9f50-c36edbc7aff0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 s12077748193688 Show response
mcdmetrics.aaa.com/b/ss/aaanortheastwcny/10/JS-2.22.0-LBSQ/ 5 KB
6 KB 50ms
50ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdmetrics.aaa.com/b/ss/aaanortheastwcny/10/JS-2.22.0-LBSQ/s12077748193688?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=14%2F6%2F2021%2017%3A6%3A27%203%20-120&d.&nsid=0&jsonv=1&coop_safe=1&.d&sdid=68936D95AF832542-4E3DF832838B0C95&mid=85823009917147503553083112552975301606&aamlh=6&ce=UTF-8&pageName=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&g=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&cc=USD&ch=Membership%20-%20Application&events=event4&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=auth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&v5=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&v6=auth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&c12=D%3DUser-Agent&c15=auth.westerncentralnyaaa.com&v37=85823009917147503553083112552975301606&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F5237FF958248ED40A495E58%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

49934d735630317b021a35512c723ad1b2aeabae9228acec587ef112dbb21af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: K45aBHnrRu8=
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
vary: *
content-length: 5451
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v012-0ade9229d.edge-irl1.demdex.com 6.3.1.20210623115127
pragma: no-cache
last-modified: Thu, 15 Jul 2021 15:06:27 GMT
server: jag
xserver: anedge-58944c9887-9qn9w
etag: 3492399371458641920-4619609179740121333
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 13 Jul 2021 15:06:27 GMT

GET
H2 200 _Incapsula_Resource
westerncentralny.aaa.com/ Frame 81FF 1 B
243 B 105ms
105ms Image
text/plain 45.60.150.98
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://westerncentralny.aaa.com/_Incapsula_Resource?SWKMTFSR=1&e=0.483439478722957
Requested by: Host: westerncentralny.aaa.com
URL: https://westerncentralny.aaa.com/remote/footer.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.150.98 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://westerncentralny.aaa.com/remote/footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=252402119274800&ev=PageView&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275187916&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=28&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:27 GMT

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=2tWcbzzFue4ZvcjPNblW06rYSXIV9PNyVTdVFW-lPC-s
dpm.demdex.net/ Frame E64F
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=86231085222053979733060319419620284320&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=86231085222053979733060319419620284320&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2tWcbzzFue4ZvcjPNblW06rYSXIV9PNyVTdVFW-lPC-s

42 B
958 B

75ms
42ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2tWcbzzFue4ZvcjPNblW06rYSXIV9PNyVTdVFW-lPC-s

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-05eac8427.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TFoJqF67SrI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2tWcbzzFue4ZvcjPNblW06rYSXIV9PNyVTdVFW-lPC-s
Date: Wed, 14 Jul 2021 15:06:28 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=159905565&t=pageview&_s=1&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&ul=en-us&de=UTF-8&dt=Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAAC~&jid=1749296693&gjid=657684116&cid=243511597.1626275187&tid=UA-96133587-4&_gid=157641408.1626275187&_r=1&gtm=2wg7c0T6BPC96&cd2=Membership&cd4=Functionality%20Page&cd13=TQS1&cd1=084&cd3=information%20maintenance&z=1864713214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6BPC96&l=aaa_gtm_prod

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4541
date: Wed, 14 Jul 2021 13:50:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 14 Jul 2021 15:50:46 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 31ms
16ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-96133587-4&cid=243511597.1626275187&jid=1749296693&gjid=657684116&_gid=157641408.1626275187&_u=aGDACEALBAAAAC~&z=1140873794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Jul 2021 15:06:28 GMT
content-type: text/plain
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 local_storage_frame16.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 7CC1 2 KB
1 KB 13ms
13ms Document
text/html 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_08432f9ab25331ff443d33817ff6196d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

:method: GET
:authority: assets.bounceexchange.com
:scheme: https
:path: /assets/bounce/local_storage_frame16.min.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auth.westerncentralnyaaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://auth.westerncentralnyaaa.com/

Response headers

x-guploader-uploadid: ADPycdtkXeorO3mz_PT_mr3N0oTgoBsW6751OVWxJ7ehhfW9noaVjRk7P2p62s_1jDgPm5bVWLUiGtX87hrmnORPKg8
date: Thu, 08 Jul 2021 12:28:41 GMT
expires: Fri, 08 Jul 2022 12:28:41 GMT
last-modified: Tue, 06 Jul 2021 14:20:41 GMT
etag: "dc641932c82e6ee59bda2ca28205919e"
x-goog-generation: 1625581241151165
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1055
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-goog-hash: crc32c=CSrHAA== md5=3GQZMsgubuWb2iyiggWRng==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1055
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
server: UploadServer
age: 527866
cache-control: public,max-age=31536000
alt-svc: clear

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-96133587-4&cid=243511597.1626275187&jid=1749296693&_u=aGDACEALBAAAAC~&z=1019436735

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-96133587-4&cid=243511597.1626275187&jid=1749296693&_u=aGDACEALBAAAAC~&z=1019436735

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
319 B 152ms
120ms Script
text/html 34.117.4.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAmEgdgFZ8AOagBmIBZNgAvEKAWn2LswHcApgCMcqYIID6qACZRGFasUwAnQThAAbOGgwFCdOgA8eh1YJiCValVGwBDTZtQIA5pLgrNUABbBgAA44AKQAzACCwcQAYlHR9jo+AHRCOBIqyIIIwCqOCACe9kVJSCAAtnFlgmXCVjg+qAGV1bUqnJogri6YAG6oYsCSpSAA1qiCUMFkAEJRxJpNxMRhkUt+gSHEFBFRFDG7MQnAyanpmdm5mgVF9iXlB9FVNXUNi3uPLVbtnS5zUQDCcxUfx2Sz+ZAAItgQKNxpMZlMocMxlJQCBJJp7CpXBMYI4cIJMMIAlA+IJAlAANoAXUwAWAeGhZQCznsmUkMExrjsPR89igQA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_08432f9ab25331ff443d33817ff6196d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 53.4.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
via: 1.1 google
server: istio-envoy
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
x-envoy-upstream-service-time: 88
content-type: text/html; charset=UTF-8
alt-svc: clear

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame E64F
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=86231085222053979733060319419620284320&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-wGFYF8dE2pEKZEXZeFyBLCymf19rLnz37tg-~A

42 B
958 B

43ms
42ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-wGFYF8dE2pEKZEXZeFyBLCymf19rLnz37tg-~A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0921ed35a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rgf/6hxDRGk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 14 Jul 2021 15:06:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-wGFYF8dE2pEKZEXZeFyBLCymf19rLnz37tg-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame E64F
Redirect Chain

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ6795615882063830707&uid=Q6795615882063830707&ref=%2Feucm%2Fp%2Fadpq
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

31ms
31ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:28 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Wed, 14 Jul 2021 15:06:28 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 404 usersync
usersync.videoamp.com/ Frame E64F 0
79 B 331ms
107ms Image
text/plain 54.88.20.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.videoamp.com/usersync?partner_id=6667929&partner_user_id=86231085222053979733060319419620284320&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70962%26dpuuid%3D%7Bvamp_user_id%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.20.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 0

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 81 KB
20 KB 66ms
47ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4266504.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273d44f76a2259ceacdb278335c84c20071762ce72e3a0f504036f8870f112d1

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
via: 1.1 91541e88a15c80bced2ffb950f407c1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 560
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9034/bundles/project.js&cfRay=66eb9a0998e31f25-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 12 Jul 2021 01:31:50 UTC
server: cloudflare
etag: W/"50239f30616919cbeaf198a2491428b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: nFtD6n.snIg3sVO5j8krq2r5hrGd4vLO
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 66eba7b6ca48dfb7-FRA
x-amz-cf-id: TwIZhx4IpgGexRBfvAM424bLyGv5TrszYlcdJvAyQ3esTJfh2gjUSg==
x-hs-target-asset: conversations-embed/static-1.9034/bundles/project.js

GET
H2 200 4266504.js Show response
js.hs-analytics.net/analytics/1626275100000/ 63 KB
19 KB 181ms
162ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1626275100000/4266504.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4266504.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b6a9919bc99d1b7ea1ba013242b313c09ec9ea32e0c7b5d7073c86ecfcda58c

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: X1MD189TWNJ8DBG1
x-amz-server-side-encryption: AES256
cf-ray: 66eba7b6ce2c4eaa-FRA
x-amz-id-2: e1GKEGVDFtpi4/MFvjERtfuyQzYHM96t/IehZxOtIL5PioZyZY+xsPDqkYpuX/Pkk6zB6oyKrOA=
last-modified: Wed, 12 May 2021 19:33:40 GMT
server: cloudflare
etag: W/"222df8e531fc660f4a0c34876c757558"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 14 Jul 2021 15:11:28 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 38ms
21ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4266504.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 947678fccd0d637da1d4ae67ad7b74cf8ad6cfc11e86ac75554b38ea7d28037f

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
via: 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 359
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.238/bundles/pixels-release.js&cfRay=66eb9ef1e8a2178a-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 25 Jun 2021 07:24:42 UTC
server: cloudflare
etag: W/"061519308a1db0a6d139576dca0de86c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 8gkiM8TAIY24hypoOf97jK4fww2ofOd8
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 66eba7b6c9f4dffb-FRA
x-amz-cf-id: Jn4GwQbHEil0VKrOH-HqkcmkwdltciwXalI665uw4-ci78R1c3DhuA==
x-hs-target-asset: adsscriptloaderstatic/static-1.238/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 475 KB
80 KB 154ms
135ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4266504.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e734e59613ad8acfa314df40d191a7ffc831d35ce0409836d712e6233ade125a

Request headers

Origin: https://auth.westerncentralnyaaa.com
Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
via: 1.1 077b94dab77b8114aebf503be197d7d9.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1029/bundle/main/lead-flows-release.js&cfRay=66eba7b6cf3a4e13-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 66eba7b6cf3a4e13-FRA
last-modified: Mon, 28 Jun 2021 03:28:39 UTC
server: cloudflare
etag: W/"16c85022f7119b37a5c687536a0fc6c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 2ZrFT_N1HUqNtLS_U.sDzHSxM6LIMAgx
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 9df0XAV4PzhWys1OxjgdrrmoD4P8lIrfSWG9Z_nHju81DqCDClQ1-Q==
x-hs-target-asset: lead-flows-js/static-1.1029/bundle/main/lead-flows-release.js

GET
H2 200 4266504.js Show response
js.hs-banner.com/ 60 KB
15 KB 505ms
486ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4266504.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4266504.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21f655a8704b09bcb76de2df6b9b7e40daa7144a91cc8b361129895c3d2d7eca

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-amz-request-id: X1M38YFH7XM6207K
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: AYZvPrksE5VUodXmwrBbWIwmPr1aKNHL3VWUnYS6MGOlzwk+pQZXCSec5PqV5ekFJN9PBudUS8Q=
timing-allow-origin: *
last-modified: Wed, 14 Jul 2021 14:52:09 GMT
server: cloudflare
etag: W/"756c388915d36ac8454ceeb30299517f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: J2.lmRn4r1XEMIU38xqG2r0lzByDLwhF
access-control-allow-origin: https://auth.westerncentralnyaaa.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 66eba7b6caeec2e5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 14 Jul 2021 15:11:28 GMT

GET
H/1.1

200
OK

ibs:dpid=73426&dpuuid=86231085222053979733060319419620284320
dpm.demdex.net/ Frame E64F
Redirect Chain

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=86231085222053979733060319419620284320&rn=1626275186688&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D862310852220539...
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=86231085222053979733060319419620284320&rn=1626275186688&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D86231085222053...
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=86231085222053979733060319419620284320

42 B
958 B

42ms
42ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=73426&dpuuid=86231085222053979733060319419620284320

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-045d9dd59.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: O8lp8rQXTdA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 14 Jul 2021 15:06:28 GMT
via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=73426&dpuuid=86231085222053979733060319419620284320
content-length: 105
x-amz-cf-id: oJs6HLK0DVMu1gxc19aoAWhOeX_QtcB1AiQjBS3XXhHsjCd_80Bf9w==

GET
H3-29 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 294 B
1 KB 180ms
168ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4266504&conversations-embed=static-1.9034&mobile=false&messagesUtk=f13753ef697f43a3a38f84231dc1f9a4&traceId=f13753ef697f43a3a38f84231dc1f9a4

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

225db6265937e544ab60a91d84bc96d10f74c1a6d649e51ed6ab4f7c1651085a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://auth.westerncentralnyaaa.com/membership/member-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://auth.westerncentralnyaaa.com/

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cd17bd9a-e4a6-4c72-9456-b4ea45214cf5
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 226
server: cloudflare
x-trace: 2B1097016BA37F6A69707ED55C040F91BA7ABD4F67000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0W9Si0YHV6Yedn0GEH0T1WTP%2FR1Z2pbM8mU8HhKw4c%2B%2BScTSCnHrV0uGBdekfSIkYpLF%2FErjnlrHa626EiaWLWiRoqwHMntK9ZDronOdmrwFy6cP19t%2BSKabi84tEtCzhJZGBZTvPDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 66eba7b84e184dfa-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 160ms
141ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://auth.westerncentralnyaaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 66eba7b75e885373-FRA
access-control-allow-origin: https://auth.westerncentralnyaaa.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 28ac5e88-dca3-4cc6-bc33-2c6f4e4eb9c4
x-trace: 2B0A1A730072BD0ADE374AC6165A1BEEC97D3F28AD000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X4L6LMxYvTM3PC0INZDsk9qUE10UDWlfrpaSrkQrTvqtQMII5juFVhQKt5TriZ41ZCK6T3I8Lujk7z8P0rw5zOKBvUfRF07phd%2FSgCmXzY3f2eA3N9zUHP2G%2FxdrCiH7fJQSPFzvyss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=78b13b67d4bca69c2faf4d4adfbf4319
dpm.demdex.net/ Frame E64F
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=86231085222053979733060319419620284320?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=86231085222053979733060319419620284320?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=78b13b67d4bca69c2faf4d4adfbf4319

42 B
958 B

43ms
42ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=78b13b67d4bca69c2faf4d4adfbf4319

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-044ab1bbb.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wdVE97ieQDM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=78b13b67d4bca69c2faf4d4adfbf4319
cache-control: no-cache
x-server: 10.45.25.204
content-length: 0
expires: 0

GET
H2 200 ometrics_viewed.php Show response
www.ometrics.com/widget/ 45 B
468 B 749ms
749ms Script
text/html 2606:4700:20::681a:5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ometrics.com/widget/ometrics_viewed.php?callback=jQuery1102025751205411658185_1626275187152&ometricsID=60eefd74583957.51195511&ometricsVal=ae90208b28aa0033ab884efac9e1890e&url=https%253A%252F%252Fauth.westerncentralnyaaa.com%252Fmembership%252Fmember-login&_=1626275187154
Requested by: Host: www.ometrics.com
URL: https://www.ometrics.com/widget/ometrics-20210405.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15
Resource Hash: e3a5f25c990d6f692311aad159ed380f29d9cea74fe9d0b6d3fcd4ac6fa302d7

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.15
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7cs7QpKsPoPQWQvFwnHdjmNhJKjjjJ9MuEipWts6sCxlIO2KPeAlx6Gg8ynPOz2La0ZzVRgWnz0iMSfrlW1Ypf8JIoMIh%2BJ%2Bc0O5n83n1Q3MJZQ7EyzT2zSOFeF4IWt2iT1u9Hm03NzFzFmbo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 66eba7b7ebb3d6d1-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 widget.js Show response
ochatbot.ometrics.com/js/ 105 KB
31 KB 45ms
34ms Script
application/javascript 2606:4700:20::681a:5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ochatbot.ometrics.com/js/widget.js
Requested by: Host: auth.westerncentralnyaaa.com
URL: https://auth.westerncentralnyaaa.com/membership/member-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e82f2bc38599c6e1b11f4a54ce80cadd9aff1bd7356b18208a046e3fb6d6db7

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 663
cf-polished: origSize=107364
cf-bgj: minify
last-modified: Fri, 09 Jul 2021 15:14:30 GMT
server: cloudflare
etag: W/"cbe36d-1a364-5c6b23a6f99a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BD3EO6PEkapCv%2FXJUriIAz4Up9oNCV4oTNayfywH%2B%2BXQ62Sa2fkteYSpmimRinAZdzQxqIgaPtKz2fB4sEDukunUdUXvBbj6qzAJawN8fHeonG3c3e2uvgWTNxyw32IZHBu%2FV5K8i%2BzurSarrKYxWb3vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 66eba7b80be9d6d1-FRA
expires: Wed, 14 Jul 2021 15:25:25 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1952064971507640&ev=Microdata&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275188486&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:28 GMT

GET
H2 200 c901287c16955bf239f211d2a88a8b73.png
www.ometrics.com//uploads/ 6 KB
7 KB 24ms
24ms Image
image/png 2606:4700:20::681a:5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ometrics.com//uploads/c901287c16955bf239f211d2a88a8b73.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbdb5f2f9801e50b1a2316cd171dd566adffc4d6ad8aae256db7fea0c53103dd

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1543495
cf-polished: origSize=13645, status=vary_header_present
content-length: 6238
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Apr 2020 23:09:00 GMT
server: cloudflare
etag: "354d-5a35c66c437eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMQd5ku6aH%2FMwLAB%2BaYj6zbJ%2FqTP%2Bs5XgmsMHV3t16aQZracsJD%2BZ%2BLi3wFwY%2FnjxUL4tk%2FCYe3I%2FJPIijOIzHOt6jjReD0EYBrsCt4W4ANiZ92FQZCqZs2Nn18OQEtHJ4C%2BOtjw4Xleauix7zQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
expires: Sun, 26 Jun 2022 18:21:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66eba7b84c8dd6d1-FRA
cf-bgj: imgq:100,h2pri

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E64F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU83OWNnQUFBRmFwaEFfdQ==

170 B
523 B

80ms
31ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU83OWNnQUFBRmFwaEFfdQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626275189.596151,VS0,VE0
x-served-by: cache-fra19134-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU83OWNnQUFBRmFwaEFfdQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E64F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YO79cgAAAFaphA_u&expires=90

42 B
755 B

75ms
20ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YO79cgAAAFaphA_u&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626275189.657836,VS0,VE0
x-served-by: cache-fra19134-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YO79cgAAAFaphA_u&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E64F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YO79cgAAAFaphA_u
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YO79cgAAAFaphA_u&C=1

43 B
1003 B

36ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YO79cgAAAFaphA_u&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jul 2021 15:06:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 14 Jul 2021 15:06:28 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Jul 2021 15:06:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YO79cgAAAFaphA_u&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Wed, 14 Jul 2021 15:06:28 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 315 B
993 B 162ms
146ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=4266504

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a3334c22ef4372ca60931c9ee2605c9cc84bf3f159161c1db587c5a6d5046b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 217404b8-43b2-4fbc-95e0-be9c7532a98f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
x-trace: 2BAADB8B96AE1AA1B72CA9AA221EEB45094133F77E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BZP7M3lVPTouKXTq08w9jv%2F8C5bpw%2BwNcS41lFXr18AzfHgd8AB2hMl6IHWyKELAQypPJ8nXg1vMX47DXir0KO5leMignM8baiL9%2Fm1we%2BZb%2B0VtNf16LvXgNx27485Mt0j0qZ%2Fs%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://auth.westerncentralnyaaa.com
access-control-allow-credentials: false
cf-ray: 66eba7b9ff9bdff3-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
612 B 159ms
158ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4266504&utk=c0044959d87b515b916d82296e6bb843&__hstc=13469672.c0044959d87b515b916d82296e6bb843.1626275188459.1626275188459.1626275188459.1&__hssc=13469672.1.1626275188460&currentUrl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6bebeecc3cd0e7b04a4eb90683cf094d7415ff2022d245c0bc19c8af36851f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f1f5fe67-8c7d-4355-b72f-4c89e0851b48
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vseBi6l5DnfrIJ8aE%2B1K1mtp6gaI2jT92D7WQQ2LC7fC0hI0PPX3BZtz0JKJg%2FXATdY7%2FKc9AQkbGMSNEGcyAycs3Oiv2jXxZOC48ZtJcjDXVHZDF79z6SUacD4OBy5SqZrnW%2BRywrcI%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://auth.westerncentralnyaaa.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 66eba7ba4dd15373-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=144988346136515&ev=Microdata&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275188847&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:28 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame E64F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YO79cgAAAFaphA_u
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYO79cgAAAFaphA_u

43 B
1 KB

34ms
34ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYO79cgAAAFaphA_u

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jul 2021 15:06:28 GMT
X-Proxy-Origin: 185.9.18.86; 185.9.18.86; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 27a42ad6-bfaa-4448-ab5d-c4c7c0a0afa7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Jul 2021 15:06:28 GMT
X-Proxy-Origin: 185.9.18.86; 185.9.18.86; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 29bb1e3f-02c6-416f-b803-66cdf8a33b10
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYO79cgAAAFaphA_u
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 175222859850934 Show response
connect.facebook.net/signals/config/ 46 KB
12 KB 71ms
71ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/175222859850934?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbdbb21b6e33ea98d327e0ff7e502a382362639813358bbd8639597b561d4e1d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: GVcoX2kmGsWE/RR1Znr6n2Prn1/riwVwKvQDGDci4S5NEy/T/AoUOmjVpxx36ZEegD8nhOCTPpA9A8SygMS3CA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Jul 2021 15:06:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E64F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YO79cgAAAFaphA_u
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YO79cgAAAFaphA_u

43 B
180 B

28ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YO79cgAAAFaphA_u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:29 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YO79cgAAAFaphA_u
date: Wed, 14 Jul 2021 15:06:29 GMT
via: 1.1 google
server: OXGW/16.210.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=175222859850934&ev=PageView&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275189017&sw=1600&sh=1200&ud[external_id]=c0044959d87b515b916d82296e6bb843&v=2.9.43&r=stable&ec=0&o=28&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:29 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E64F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YO79cgAAAFaphA_u

1 B
543 B

98ms
32ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YO79cgAAAFaphA_u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:29 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:381
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626275189.061976,VS0,VE0
x-served-by: cache-fra19134-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YO79cgAAAFaphA_u
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame E64F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YO79cgAAAFaphA_u&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YO79cgAAAFaphA_u&img=1&__user_check__=1&sync_id=1125dea1-e4b5-11eb-85bf-1644f9a80406

43 B
548 B

33ms
33ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YO79cgAAAFaphA_u&img=1&__user_check__=1&sync_id=1125dea1-e4b5-11eb-85bf-1644f9a80406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:06:29 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 78
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 14 Jul 2021 15:06:29 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YO79cgAAAFaphA_u&img=1&__user_check__=1&sync_id=1125dea1-e4b5-11eb-85bf-1644f9a80406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=136696297006053&ev=Microdata&dl=https%3A%2F%2Fauth.westerncentralnyaaa.com%2Fmembership%2Fmember-login&rl=&if=false&ts=1626275189243&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Member%20Login%20%7C%20AAA%20Western%20and%20Central%20New%20York%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626275186981.342864295&it=1626275186818&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.westerncentralnyaaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 15:06:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 14 Jul 2021 15:06:29 GMT

GET
H3-29

200

b.php
www.facebook.com/fr/ Frame E64F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YO79cgAAAFaphA_u&t=2592000&o=0

43 B
67 B

46ms
46ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YO79cgAAAFaphA_u&t=2592000&o=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 08:06:29 PDT
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: aROHVkE0t+HH29gja7EnWMOh7asFpwkVhgplAZ6dxYNjYaPULga5glXWu65VIboYg3IXpeNxAlEeE1ruUy1h9g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Wed, 14 Jul 2021 08:06:29 PDT

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 15:06:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626275189.263129,VS0,VE0
x-served-by: cache-fra19134-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YO79cgAAAFaphA_u&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=143525&dpuuid=e_4869f039-f3b1-4b9c-ad7d-90c67e772dc4
dpm.demdex.net/ Frame E64F
Redirect Chain

https://g2.gumgum.com/adobe/s2s
https://dpm.demdex.net/ibs:dpid=143525&dpuuid=e_4869f039-f3b1-4b9c-ad7d-90c67e772dc4

42 B
958 B

46ms
45ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=143525&dpuuid=e_4869f039-f3b1-4b9c-ad7d-90c67e772dc4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0d93da951.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yx90jIkIT58=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=143525&dpuuid=e_4869f039-f3b1-4b9c-ad7d-90c67e772dc4
date: Wed, 14 Jul 2021 15:06:29 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1

200
OK

ibs:dpid=275754&dpuuid=AACspE7B3fsAADYn8WVIqA
dpm.demdex.net/ Frame E64F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AACspE7B3fsAADYn8WVIqA

42 B
958 B

43ms
43ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AACspE7B3fsAADYn8WVIqA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-05eac8427.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sOm1dU7oRn0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AACspE7B3fsAADYn8WVIqA
Date: Wed, 14 Jul 2021 15:06:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

ibs:dpid=390122&dpuuid=1GQMsBvKT3990bm_ruZl3rkJElY
dpm.demdex.net/ Frame E64F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adobe
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=1GQMsBvKT3990bm_ruZl3rkJElY

42 B
958 B

45ms
45ms

Image
image/gif

52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=390122&dpuuid=1GQMsBvKT3990bm_ruZl3rkJElY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaanortheast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0db4b2ce0.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: dZM3J/9ZR9E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=390122&dpuuid=1GQMsBvKT3990bm_ruZl3rkJElY
Date: Wed, 14 Jul 2021 15:06:29 GMT
Connection: keep-alive
Content-Length: 100
Content-Type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

433 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.auth.westerncentralnyaaa.com/	1970-01-19 19:46:01	Name: SSESS4936356d821b25cdb1cebf418e73bccf Value: gpMHDWhD4qOciBpVBHBvZ_dYVF03vGncPd278umCKt8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaa-cf.coinflip.network
aaanortheast.demdex.net
ads.scorecardresearch.com
ajax.cloudflare.com
api.bounceexchange.com
api.hubapi.com
api.hubspot.com
assets.adobedtm.com
assets.bounceexchange.com
audiology-149-adswizz.attribution.adswizz.com
auth.westerncentralny.aaa.com
auth.westerncentralnyaaa.com
bat.bing.com
cdn.jsdelivr.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
dev.visualwebsiteoptimizer.com
dpm.demdex.net
ds.reson8.com
dsum-sec.casalemedia.com
fonts.googleapis.com
forms.hubspot.com
g2.gumgum.com
googleads.g.doubleclick.net
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
info.westerncentralny.aaa.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
js.usemessages.com
match.adsrvr.org
match.prod.bidr.io
mcdmetrics.aaa.com
mcdmetrics2.aaa.com
ochatbot.ometrics.com
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
px.owneriq.net
script.hotjar.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
tag.wknd.ai
u3815863.ct.sendgrid.net
us-u.openx.net
usersync.videoamp.com
vars.hotjar.com
westerncentralny.aaa.com
www.aaa.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ometrics.com
104.111.242.53
104.18.8.110
104.43.221.31
108.128.38.37
13.224.96.61
13.224.96.67
13.224.96.7
13.224.96.92
13.248.242.197
13.36.218.177
142.250.184.194
142.250.74.194
151.101.14.49
167.89.115.54
185.29.135.226
185.33.221.91
185.64.190.80
185.94.180.126
2.18.234.21
2001:678:cb4:bbbb::13
209.82.215.211
212.82.100.182
2606:4700:10::ac43:199b
2606:4700:20::681a:5d7
2606:4700::6810:5e41
2606:4700::6810:a823
2606:4700::6811:47b0
2606:4700::6811:74b0
2606:4700::6811:cccc
2606:4700::6811:d2cc
2606:4700::6811:eacc
2606:4700::6811:efcc
2606:4700::6812:15bf
2606:4700::6812:b4f
2606:4700::6813:9a53
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2008
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9a
2a00:1450:400c:c06::9c
2a02:26f0:6c00:299::1e80
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::485
3.125.70.222
3.125.99.7
34.117.4.53
34.120.253.250
34.251.173.19
34.251.77.56
34.255.166.243
34.96.102.137
34.98.72.95
35.244.159.8
35.244.174.68
45.60.150.98
52.17.54.18
52.212.101.97
52.30.92.119
52.48.137.92
54.209.16.83
54.88.20.118
69.164.216.23
69.173.144.139
0167a32bd91afc770a265348e44bf5964ed92cbacb0c0757ef7a41929e2246c1
02ebb9b3abe47f1ba2b2629210cd5ee466965cfade16e8598ee619a4ef215059
0435814fc17e1232f7a1ce3d1ada57a41fd4d7fce5287826c83de1db26b475e0
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
04d90a369ebc11b0d43aa5710cab8a1b7b458eb51540eda5be7ad8db0b3ea33b
054123763da10810cbbd026a3f11e365b246d89b9701d07a8776afc87a4675cd
055d6fad5a2c615b7cc44ac132c76f33e073841257e40beeb0fb6a673d4b949d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
059d3c257d61801506bdc30c1cfcc61fbdf4c5c94a4163bc0c62ee153253b609
09b45fc6b2b5318586d204b7ffed361c98475c7998084adfa6a0efee25c3cb4e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c29e77b9ad9772c60d3c55754b03680bf36e13c68caf8d44b08bd2997d04dcb
0c2e3a7970d736a77b9c069b04dc19f6ef3051045ef546b7edd1ff8731c2acde
0cb75d8e60e2bf17f76f90dcf6746bd2c94ff7f65676e7c11f7d8b37a830b02b
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10bd669130dc9381c9aa147e13e69f4e76b0df33355c0560ff9a82b384d1c83f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548
127a5154aa648eaae14ba4645aa461a399ba03194812654c9ed7b2c5d4f011b2
12ef95573e4dda2839777b1c63fe0b31d74e29149197e84fe5118c0a64737041
142dd3a16aabdf975e6c3d327cd0892021d703f614e94db06cc8bc15a3ed527a
157b16c355bd2f9eaf81d41a1b38426f153434c4a1f7046d92c7fa6f38aff74e
15f1fde7deb1f2cfecb62abe9d99d230384ecbb429e962bd449f4259e64fbec6
17c6c2e18c5f4bb8c8469d1538aef9b0129835abeb1aa542d70a729545090e59
18a7917b58cd4c9c593d8a99b53269e1307be22454436c50de97a489ca484dc1
1979db0ad5afaf84be589c09814a14eefee03f6a06b7fefd630446a6a18ca06a
1ab0cb68a54ce8eaa6ef7cc65f138f81c0e45baa50eb974f69037c0d88b73f9a
1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3
1dd62091424fb267c6eabbeb18c97f8a8613555ca43613e57a850214518c7c9d
218fb1c1fc72e9af6b866f430be2a67fa376392b4db2f4dbf32772671b6ae55c
21f655a8704b09bcb76de2df6b9b7e40daa7144a91cc8b361129895c3d2d7eca
225db6265937e544ab60a91d84bc96d10f74c1a6d649e51ed6ab4f7c1651085a
23fcb237f98618bdf3058ece5f7dac84eb885a22cecdf1485cc6f5e8c6818453
25a3c3b7c7c53758dbff470b6697a43a65a652d0440fb49770d4332e8b5efa34
273d44f76a2259ceacdb278335c84c20071762ce72e3a0f504036f8870f112d1
281031a90f0e9d98e734cf0a710f843df50a79029597b343c35e03354d24b523
2865048f681166c9a6275162cd21f9831f551c0cb4590f7d0ecff0a480a6b596
28d088ae34a47e734b65783d0b89767efffa7d2ba6bc5e8cbd0e14b8fa75ba79
2918bc961d63e4aca75eb8f6bb9edae1786c5f5eef52154c876ba91c6ffd4179
29202caec7ef0c6430ba5ef19269c5a48a811f2f0c90bb0a032b8b66618d94b5
295fa0a238f7b743386046e989b25686151742cd7b8365d74e9a249765e6c845
2ff078dda2ca251d2adae38ccc199d0a3ca7079c32d0caeced79a4080286b6ee
3055eaa4cdd4657b25fbb5c38b3f0385d13748828c3955080d76873acc2b4226
312edc66bc1be0686911d085feb640834751783b70beaaf54c413cfe7ea23aab
317ac0633e7c3a2be9606727ecb1e5a893380b482ea8ca3fbfc33cd8d69b3a8f
32a0a8d773f89385c6d3056ba52d1e29efdd9732bd5eded09c7c0241b83d7d33
37de4c1fefde22d5de8dafbbd67512401600f61e32605902822b8d12476a56a5
3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35
395440348e428557910b927a74501fc2b50eddaabbac0fddbeed8ddf0ae53c6a
3c05d2fcbecebd73d3b2592071cbda8be98cf1ab2b6b2fe6e3c7bb4155fd93cb
3e82f2bc38599c6e1b11f4a54ce80cadd9aff1bd7356b18208a046e3fb6d6db7
43180fc933cf2814989830ef9cd4fe733f9375d2d293833a971374487d31c830
455efcbcce5b2447435daaaae083cf3534472b71cba4d451c733599c1783bcff
45614c8641924df583fcb7fc7c2ddb55f31e5bde3022066403596c4000cc0615
478343a40a73e7afedde1d34a0531f3d525967e39e2eabb405db4bf6f812c679
48aca5a50025c3e198b6c2ecc6e1fafbb08f3f4971a6ccbc3d6a25ae13c2f18c
49934d735630317b021a35512c723ad1b2aeabae9228acec587ef112dbb21af8
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4acf6e6c9052449f71763158aa2eb5e0a89dee411fc365ad62c6aacd054b13b2
4aeb16e1ea0c842e91d39b1a6eca074e93ab693352598b462319c85c1fdb23db
4b1220478d577025f495d7ea5b47ce559fbb6b92a3167c9eb0f15e7195e0a0b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bdf03312a9acf71632ddb3c69a1564cdbe3ced5a7d8b406abcb50faf470a28d
4d1f68b9a889a6f582fc0b589ae76a136236812bb521efd0972a4193af26448d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5331de4b8266769c78dd3eae3c4f70c4d70f369141650c8e7f554b6f9af1e748
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b5f437c1ae3fe3b1599c5f8b66b812974e4bd1fd15653d0b35921bcc150985d
5c81aa3671a3c8d52a54a2ba91802d0984011a5907fdc00461e0caca8b5ba975
5f43e3c6bb729ac246a4324df2dacec04c95f3cfa369df7721031e4afc1d698b
6056c68bc16bf95b2ba1c0d3eb5af8d35a9a2d57a97858b32554d2f63261789d
6310375708b66296203198f595fae0b8628784c3d8dc78e6b0dde5737a46c464
63270488d3166243355692c5582ca168dfae8091107a5a5605ccb1e9f52c727b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
644e6b02ca70d76d9eca4762692280329c9b03cd28a379c526cba9d870cf4a1a
674ffee773da54d5c276d9a2ca9f2151a6e9065b57f7ed4e27fc94517c87340f
6877b677fb95548385f7ddaf5b1717bb9b6bd23114fb5fea0150bd57e832946f
68e17b1669b3b110a5ba49af0c0d944f5129581bf7ed982c114be9215a77196e
6b6a9919bc99d1b7ea1ba013242b313c09ec9ea32e0c7b5d7073c86ecfcda58c
6e426dcf89fffb9da3a7e8dad86c2b14cb4d128f989c80346d6dbaad4e9bc0de
6eea5094565194a23eaabc191fd73bc7afd4a814609c3f634dbe5b1f5c30edb5
7108fc2964405bd367c126687b5a991a93291d39706867c747b58a07f3f615a1
724a466ae26e610fdc3e7beeef792226a763cd88ca2278f6024ab8394e6fa80e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
746dd3d15a71553a2be3c7c5fc387057ca2645962e9bbeea46b5bd9e1c08785c
754a12dd8ae22818cfa8abe328bc0b605bb92fff540270b062cab041233c2f17
76ab552b917932778a3cb202e5c874a661aac2f6b050201e3b5fe033095d70ad
79f07d000fa5adff824bdc7e80bdfdc113c74f061715720068b3ff9fa548e3d9
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7b09b38c6e38cdc7981e573f3237ec1ea1347e1f47d5de72cac87e71e60303cc
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dbbb6167bb815961271c749ce7e365be050638eb2ef1fb29a3419440edecdf7
7ec20f3c85c4aaabb5548082c5d1315b6df92703869cb8d68a2ab9cb370f1bd7
7f3547dcdaa73babab6b7d8cd1d692f0673da1a737ee1a1ba17af0b487eac516
7fde221486c3e05f825980fec689e0671182230722188921d256b58a7383d9cb
7ff0dc2c452a9e5049f4d558165d67fc1791e737fb6b7e76eb9e33038bc8cfaa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8502e8bc6027bc4c91a2123eae71c971d9d7adc077c57a03dd11524f0378dbbf
85a3334c22ef4372ca60931c9ee2605c9cc84bf3f159161c1db587c5a6d5046b
8a8b43371dcf53d65697bfa01ab4a6b5e14a82b766588668586da9170e0564cd
8c1932cd63f037a72ae02e07eb4f7c285fcc6aad3e9c70176158f9a0ef279d4e
8d0f8d2729c285dbfc4c28e86bce4ea84111ad9b2f70b62a8fcde00a00446eaf
8d62a600971cea6b45416ec41f603119b3a75f226caacdb3a08249f25764c596
8eebb7e004629d956e810f39eca97c536eeddc2ee2d601d4a47a388ccfe61f39
8f8056fc2975cc5ae70f9a1fd7898674db86ba52355e987814be6cb6e923f086
90652af82c8c9317c117cf87f35754fbb850567ef22e44c57c5cb9690b86f965
91c778b39c01d0a1d83628470993953521809c9bbab5ceb462df4898e48a88b3
92ab0091cc78d10d897387ddb871bc3291c4d5315fa5954e12ad68166e755424
93288115bac2a19911615326c3199363787f084b33c7a9870c15d7759137b62c
946a1a2041e060fdffc021132a81d13fedd5fe3dfff660b98e440dd4f1d918c2
947678fccd0d637da1d4ae67ad7b74cf8ad6cfc11e86ac75554b38ea7d28037f
94ad50ed63891fe54b55a578ed21fe2fa41be233d94237e216014479cab52147
94e3c960e7ac7a42aac1f0a681c9e4d497c626c0ee7593de6450410b6d4b26fd
95bbc34e0835607c1dc8019fc6ed837652f11c72c95caad9020a9e67adf803d4
996cc8a458f5bfeca3042118515aa02557b39cbd1c2b1f7beab65fbd8924d9ed
9c357e5296fcb72cebe77e61bb4955af53e881e4dfecd83ae961ebe7caeaac03
9d20cab0cceff028b04f87ca0aa24242fe2197f53d3874c361f9296deb14135a
9e46c5a7440c5c45e9317f8aa00e68a946c94ea2397f8b4ae345d563b89a9707
9e5dd9c839201e7073f3f978c38dbb26170dde154e0058e1080adfeef3618ffc
a189f9e003a4486a75939a97b000cc9f9a00e04a25bb8d423a9c1e3bfd385b6d
a1bcd010e1c02dce034e23482d2a4b696c3fa0de02575b472426aa98b5e16f5d
a22f32204b33e23ae314fbff464b5517df5a441dc7124e2e8775e6b238a80fdf
a32c9d276605795d91796c1f3b3295eb284a4a8dea8ff1c037d71f3497ed687b
a4af1abfa326cfab790450767ab91dbec2c84857fb7050a20995b8686fa45f76
a5d941e59e932f8cc684b36597b53a3e981ffc68dab4984afff223d985cd507c
a7c3507754139fcf2e7add64bb5949cc51fc3fa8a0ff49c2ee5e380e4fe6c051
aa833c3a6b977f19524dd3dac651477b4a2f6b6c49c48244e588e1ac45b07d3c
b0aeb0a515a39a2e8ea3cea0a7a66c5f6c43e3757b0b6ca53daa97b0886181a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7f789480b9b23aea49489e81555a2b8d702abdb3faff634d4a42476a6f19c29
b836ff22ac97f14d87668343c46ed94654ca7231f6c8d475696dc6b0900d5968
bad1057ef82b8b14b52034598a876cc97e830ed29386a0997b4daf64f1644608
bb77857d931dcf91a6034e31513032fa72e17926b3d5d8a33f5cdc085ff68097
bbdb5f2f9801e50b1a2316cd171dd566adffc4d6ad8aae256db7fea0c53103dd
c1abcaf068f56e419faf1ca9eafc09a121e1937ca9ebf67d5aaf4cca6d981781
c1cea713de0dd0e9a3bb4bb1d59ef381d32c347e41256335f31713e1d8a2643c
cb90181b6bf15f3a6ac7cdb9fe1d93556420536f54ff831ebec5a653bf0bdcfd
ccbf78be3654e960477e90e268d70573a1b248585175c7e270ad616318d63f9a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd86d6b91dd38dc91f1753bedae33c613ed0c2632395ea1e90494a8313fe16b2
d0061724a79597f24c918b29f0209a35ec9757d1ea34b3612115936ad9d919d1
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
d32aa3d334a689cb31945a78fd8ed8324e90fa70ab56b1ef8896927ce61ecae9
d4e006425282efc92a03f2bf292b71885fcad8f387fcfaa6c2224db17266b4d9
d4e5db09dad1ee1a5a776c1f0b67fd42315f848265c3a856068e56ad73e48ee7
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2
dbdbb21b6e33ea98d327e0ff7e502a382362639813358bbd8639597b561d4e1d
ddb6bd8f256c038352638143e1c41c398448c4e111047c8145443583562d59e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6bebeecc3cd0e7b04a4eb90683cf094d7415ff2022d245c0bc19c8af36851f
e3a5f25c990d6f692311aad159ed380f29d9cea74fe9d0b6d3fcd4ac6fa302d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e484c62044892224d13f36e741c2142a7b1eaa68887377184020435c15bb605e
e512e866277f46b94c383be1aab4fbb863312254c1286c7a2e583055cef0b0f8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e734e59613ad8acfa314df40d191a7ffc831d35ce0409836d712e6233ade125a
e7ba0b391476e3604bedb38c57ad38f6e1568408a075e3a7218c7e2d0c5881cb
e82bb98d946df20b490b8ebdd6de2b5676d031fa9f17584142d75653ac103f87
e8e781fa41bd606412fc26ad5bb6caed0e883123b2cc11271a09b9c2bb40369d
ebdc917da1f7852a04dcbd60694fc8c2ea50a7a25a94bb9858383ccdcd750eaf
ee7107ff1b4f4da253dbecec7e593f6e39872239b4c6414463be5b56121b47e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc43f58507b9862045941b7a74c729ef8c86aaa8c05ef29c68c0e05f1dac47f6
fcec8a0dc2c56f1e8f7ca1c15f5fdfaffd5f51ccf3056c6d934df6b912549e0c
fd0552012948bb3c028765c937bff5092e63e9ffbf9d014023dd4e95727e8bf0
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ff920a0b9304131aab47c3fd9c8d2d219ec0594e4ba8d6d01c4f39f3b63534df

auth.westerncentralnyaaa.com Open in urlscan Pro 2606:4700:10::ac43:199b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

247 Requests

100 %HTTPS

41 %IPv6

56 Domains

70 Subdomains

55 IPs

7 Countries

1969 kBTransfer

7322 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth.westerncentralnyaaa.com Open in urlscan Pro
2606:4700:10::ac43:199b Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

100 %
HTTPS

41 %
IPv6

56
Domains

70
Subdomains

55
IPs

7
Countries

1969 kB
Transfer

7322 kB
Size

1
Cookies

247 HTTP transactions
1 data transactions