accounts.ayco.com Open in urlscan Pro
95.101.23.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ayco.com/login/hersheys
Effective URL:
https://accounts.ayco.com/wellness/login?vanityId=hersheys
Submission: On January 19 via manual (January 19th 2023, 10:24:15 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 6 domains to perform 43 HTTP transactions. The main IP is 95.101.23.64, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is accounts.ayco.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 19th 2022. Valid for: a year.

This is the only time accounts.ayco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	23.45.105.227 23.45.105.227	16625 (AKAMAI-AS) (AKAMAI-AS)
2 15	95.101.23.64 95.101.23.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.217.237.24 54.217.237.24	16509 (AMAZON-02) (AMAZON-02)
18	91.235.133.182 91.235.133.182	30286 (THM) (THM)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
2	54.188.70.204 54.188.70.204	16509 (AMAZON-02) (AMAZON-02)
43	9

2 23.45.105.227 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-105-227.deploy.static.akamaitechnologies.com

www.ayco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portal.ayco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 95.101.23.64 (Vienna, Austria) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-64.deploy.static.akamaitechnologies.com

accounts.ayco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.237.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-237-24.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 91.235.133.182 (United States)

ASN30286 (THM, US)

v.ayco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

nhs11h5x6ujhxrvokzlxdbxlsrdp3avcl3fvyy4q69626db9f2d54aa4am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

smetrics.marcus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.188.70.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-70-204.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	ayco.com 4 redirects www.ayco.com — Cisco Umbrella Rank: 751693 portal.ayco.com accounts.ayco.com v.ayco.com	2 MB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 478	85 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3170 nhs11h5x6ujhxrvokzlxdbxlsrdp3avcl3fvyy4q69626db9f2d54aa4am1.e.aa.online-metrix.net	16 KB
2	segment.io api.segment.io — Cisco Umbrella Rank: 999	349 B
1	marcus.com smetrics.marcus.com — Cisco Umbrella Rank: 153143	372 B
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 201	1 KB
43	6

	Domain	Requested by
18	v.ayco.com	accounts.ayco.com v.ayco.com
15	accounts.ayco.com	2 redirects accounts.ayco.com
4	assets.adobedtm.com	accounts.ayco.com assets.adobedtm.com
2	api.segment.io	accounts.ayco.com
2	h.online-metrix.net	v.ayco.com
1	smetrics.marcus.com
1	nhs11h5x6ujhxrvokzlxdbxlsrdp3avcl3fvyy4q69626db9f2d54aa4am1.e.aa.online-metrix.net
1	dpm.demdex.net	assets.adobedtm.com
1	portal.ayco.com	1 redirects
1	www.ayco.com	1 redirects
43	10

This site contains links to these domains. Also see Links.

Domain
portal.ayco.com
www.goldmansachs.com
www.ayco.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
cdn-ak-pwm-ad-1.gs.com DigiCert SHA2 Extended Validation Server CA	`2022-11-19` - `2023-11-21`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
v.goldman.com DigiCert SHA2 Extended Validation Server CA	`2022-06-02` - `2023-06-29`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-08` - `2023-07-10`	a year	crt.sh
smetrics.marcus.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-11-24`	a year	crt.sh
*.segment.io Amazon	`2023-01-11` - `2024-02-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://accounts.ayco.com/wellness/login?vanityId=hersheys
Frame ID: 219D3C8B53EAEEF56FD779A30A66FEC6
Requests: 22 HTTP requests in this frame

Frame: https://v.ayco.com/fp/check.js;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jb=3d332e246073677d3555696e6e6f777b2e62736f3557616e6c6d757b2d3238313a266873687d3d43607065656d266a79603d436a78656d6d2f3832333a39
Frame ID: A47FBA4FC5B55C35DBB4B746B360A0C0
Requests: 12 HTTP requests in this frame

Frame: https://v.ayco.com/fp/HP?session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&org_id=nhs11h5x&nonce=69626db9f2d54aa4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 7C1037FACE6A3FE03744CA735C838217
Requests: 3 HTTP requests in this frame

Frame: https://v.ayco.com/fp/ls_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4
Frame ID: 32CDEBB83B7F1BDE42364C506A29CED4
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4
Frame ID: FE09BA56DAD0338371968F4AA5259DFB
Requests: 2 HTTP requests in this frame

Frame: https://v.ayco.com/fp/top_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4
Frame ID: 8034133A50E433A39FED014B227E9BAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ayco | Wellness

Page URL History Show full URLs

https://www.ayco.com/login/hersheys HTTP 301
https://portal.ayco.com/login/hersheys HTTP 302
https://accounts.ayco.com/wellness/login?vanityId=hersheys Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

43
Requests

93 %
HTTPS

11 %
IPv6

6
Domains

10
Subdomains

9
IPs

5
Countries

2113 kB
Transfer

9059 kB
Size

26
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.ayco.com/

Search URL Search Domain Scan URL

URL: https://portal.ayco.com/verifyemail
Title: update your account

Search URL Search Domain Scan URL

URL: https://portal.ayco.com/newuser/hersheys
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.goldmansachs.com/privacy-and-cookies/docs/PFMG_Privacy_Notice.pdf
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.goldmansachs.com/privacy-and-cookies/docs/PFMG_Privacy_Policy.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://portal.ayco.com/Terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://portal.ayco.com/Disclosures
Title: Disclosures

Search URL Search Domain Scan URL

URL: https://www.ayco.com/crsrg.html
Title: Ayco Customer Relationship Summary

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/goldman-sachs-wellness/id1600778026

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.gs.pfmg.wellness

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ayco.com/login/hersheys HTTP 301
https://portal.ayco.com/login/hersheys HTTP 302
https://accounts.ayco.com/wellness/login?vanityId=hersheys Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://accounts.ayco.com/static/svg/icon-defs.svg HTTP 302
https://accounts.ayco.com/content/ayco/protect-ui/static/svg/icon-defs.svg

Request Chain 12

https://accounts.ayco.com/static/fonts/BasisGrotesque-Regular-Pro.woff2 HTTP 302
https://accounts.ayco.com/content/ayco/protect-ui/fonts/BasisGrotesque-Regular-Pro.woff2

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
accounts.ayco.com/wellness/
Redirect Chain

https://www.ayco.com/login/hersheys
https://portal.ayco.com/login/hersheys
https://accounts.ayco.com/wellness/login?vanityId=hersheys

942 B
4 KB

959ms
586ms

Document
text/html

95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6ac04e03e43c622d9a3c4ef18361fa1b532fd09912c5daa52d3dcbf2fb54beb6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 539
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Jan 2023 22:24:08 GMT
Last-Modified: Fri, 06 Jan 2023 01:08:35 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Access-Control-Allow-Origin: https://idfs.gs.com
Cache-Control: no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Date: Thu, 19 Jan 2023 22:24:07 GMT
Expires: -1
Location: https://accounts.ayco.com/wellness/login?vanityId=hersheys
Pragma: no-cache
Strict-Transport-Security: max-age=31536000, includeSubDomains, preload
X-XSS-Protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK vendor-bcc9c087b8bab90353d2.min.js Show response
accounts.ayco.com/content/ayco/protect-ui/ 4 MB
1 MB 90ms
89ms Script
application/x-javascript 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/vendor-bcc9c087b8bab90353d2.min.js

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fa3383c79ae901742f7ff01bfa73e44cd81397d95f36b223df5bd40d8a7f0056

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-011-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-011-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:08 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 1157623
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 04:12:20 GMT
Server: Apache
ETag: "3f6ae1-5f28205cd3c5f"
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Thu, 19 Jan 2023 22:24:08 GMT

GET
H/1.1 200
OK app-f0e012bd623619b5fcde.min.js Show response
accounts.ayco.com/content/ayco/protect-ui/ 3 MB
503 KB 144ms
50ms Script
application/x-javascript 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/app-f0e012bd623619b5fcde.min.js

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

20df0b70f1cbc88995a7845d2fca56713c109f1a5b272d10d3d188c0802f733f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e2.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-014-e2.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:08 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 512207
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 05:42:42 GMT
Server: Apache
ETag: "35ba2f-5f28348f70e4f"
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Thu, 19 Jan 2023 22:24:08 GMT

GET
H/1.1

200
OK

icon-defs.svg
accounts.ayco.com/content/ayco/protect-ui/static/svg/
Redirect Chain

https://accounts.ayco.com/static/svg/icon-defs.svg
https://accounts.ayco.com/content/ayco/protect-ui/static/svg/icon-defs.svg

81 KB
26 KB

806ms
677ms

Other
image/svg+xml

95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/static/svg/icon-defs.svg

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

86029919987967170ed9a419d44c3877054663edda860e572c7bec91b49989eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 23733
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 03:31:25 GMT
Server: Apache
ETag: "1439d-5f281737806bb"
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

Redirect headers

Location: https://accounts.ayco.com/content/ayco/protect-ui/static/svg/icon-defs.svg
Date: Thu, 19 Jan 2023 22:24:09 GMT
Server: Apache
Connection: keep-alive
Content-Length: 258
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 launch-e60d273934f1.min.js Show response
assets.adobedtm.com/607ae6100a11/ea22be519b1d/ 308 KB
71 KB 172ms
42ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Requested by: Host: accounts.ayco.com
URL: https://accounts.ayco.com/content/ayco/protect-ui/app-f0e012bd623619b5fcde.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 66450fa8eb3a67487e52fc1320a511942030f8281dcb024579863f5eb12c8151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 22:24:09 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 01:29:58 GMT
server: AkamaiNetStorage
etag: "b89d35de11558dc7f6584aad9f86252c:1672968598.135686"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.ayco.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 71794
expires: Thu, 19 Jan 2023 23:24:09 GMT

GET
H/1.1 200
OK GoldmanSachsLogo-blue.svg
accounts.ayco.com/content/ayco/protect-ui/images/wellness/ 6 KB
5 KB 204ms
204ms Image
image/svg+xml 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/images/wellness/GoldmanSachsLogo-blue.svg

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8da3cf5ee35f2153dd1e353ebb2827305e2ef96a7336ee054c27e9da8030dde3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 2707
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 03:31:25 GMT
Server: Apache
ETag: "1844-5f28173767461"
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK login-illustration-large.png
accounts.ayco.com/content/ayco/protect-ui/images/wellness/ 93 KB
96 KB 242ms
85ms Image
image/png 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/images/wellness/login-illustration-large.png

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4d232f53a5dd6d401517317d4f5edc973e11bca2e849fdc0936734f2360ad22c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-011-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-011-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:09 GMT
Connection: keep-alive
Content-Length: 95243
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 12:07:36 GMT
Server: Apache
ETag: "1740b-5f288a98253fd"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Thu, 19 Jan 2023 22:24:09 GMT

GET
H/1.1 200
OK login-illustration-small.png
accounts.ayco.com/content/ayco/protect-ui/images/wellness/ 18 KB
20 KB 286ms
81ms Image
image/png 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/images/wellness/login-illustration-small.png

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e6daafc725f4cbc4243b66ff4635963e22e27e37a9b3790f616e817626deb639

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-011-e3.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-011-e3.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:09 GMT
Connection: keep-alive
Content-Length: 18370
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 04:31:58 GMT
Server: Apache
ETag: "47c2-5f2824c090503"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Thu, 19 Jan 2023 22:24:09 GMT

GET
H/1.1 200
OK GoldmanSachsLogo-white.svg
accounts.ayco.com/content/ayco/protect-ui/images/wellness/ 6 KB
5 KB 429ms
216ms Image
image/svg+xml 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/images/wellness/GoldmanSachsLogo-white.svg

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c0b1e19061a3724ef5e2859540f1735709c5bb6453d2b2e3e7ecbf860ec9413e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 2704
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 03:31:25 GMT
Server: Apache
ETag: "1842-5f2817377b4b3"
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK app_store.png
accounts.ayco.com/content/ayco/protect-ui/images/wellness/ 4 KB
6 KB 359ms
81ms Image
image/png 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/images/wellness/app_store.png

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b0311606809197bc7820a36ee7f98b3a54e9fc69309950cb1ba0fe78a37be9f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-011-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-011-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:10 GMT
Connection: keep-alive
Content-Length: 3995
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 04:11:58 GMT
Server: Apache
ETag: "f9b-5f28204797460"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Thu, 19 Jan 2023 22:24:10 GMT

GET
H/1.1 200
OK play_store.png
accounts.ayco.com/content/ayco/protect-ui/images/wellness/ 4 KB
7 KB 194ms
80ms Image
image/png 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/images/wellness/play_store.png

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7cb70a7041e7076392ff4838814442aa31c0032de570dce9387ed566ea602279

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-011-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-011-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:09 GMT
Connection: keep-alive
Content-Length: 4486
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 05:53:17 GMT
Server: Apache
ETag: "1186-5f2836ed26b23"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Thu, 19 Jan 2023 22:24:09 GMT

GET
H/1.1 200
OK connectionId Show response
accounts.ayco.com/api/v2/ 155 B
4 KB 520ms
433ms XHR
application/json 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ayco.com/api/v2/connectionId

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/content/ayco/protect-ui/vendor-bcc9c087b8bab90353d2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4ff8451a9e9b7f2bda4afc02269deee8f348d35bb26b927f27f96c1573c560e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TENANT-ID: WELLNESS
X-Journey-Id: edfcd250-da07-427d-8ce6-6f5fa88020a1
accept-language: de-DE,de;q=0.9
X-Requested-By: MTY3NDE2NzA0OTY4NA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
X-Connection-Id

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:10 GMT
Server: Apache
Vary: Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/json;charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Connection-ID: MjY2ZDlmYWQtZDdlYi00YTY0LWFiMDYtZDg0NmU4M2NmYTUzfDE2NzQxNjcwNTAxMTM
Content-Length: 155
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 401
Unauthorized postLogin Show response
accounts.ayco.com/api/cwm/v1/ 381 B
4 KB 351ms
220ms XHR
text/html 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ayco.com/api/cwm/v1/postLogin

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/content/ayco/protect-ui/vendor-bcc9c087b8bab90353d2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ff6d14f77e27f7b90cb2f20bce408189f5f388961f3fcd13fe2df2cc0a002dc3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TENANT-ID: WELLNESS
X-Journey-Id: edfcd250-da07-427d-8ce6-6f5fa88020a1
accept-language: de-DE,de;q=0.9
X-Requested-By: MTY3NDE2NzA0OTY4NQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
X-Connection-Id

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
WWW-Authenticate: Bearer error="invalid_token", error_description="Reference token could not be introspected"
X-Content-Type-Options: nosniff
Server: Apache
Date: Thu, 19 Jan 2023 22:24:10 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Access-Control-Allow-Origin: https://accounts.ayco.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 381
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

BasisGrotesque-Regular-Pro.woff2
accounts.ayco.com/content/ayco/protect-ui/fonts/
Redirect Chain

https://accounts.ayco.com/static/fonts/BasisGrotesque-Regular-Pro.woff2
https://accounts.ayco.com/content/ayco/protect-ui/fonts/BasisGrotesque-Regular-Pro.woff2

49 KB
52 KB

209ms
209ms

Font
application/font-woff2

95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ayco.com/content/ayco/protect-ui/fonts/BasisGrotesque-Regular-Pro.woff2

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys

Protocol

HTTP/1.1

Server

95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/wellness/login?vanityId=hersheys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: default-src 'self' https://*.marcus.com https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.zopim.com https://*.marcus.com https://*.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://*.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://*.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://*.marcus.com https://*.ayco.com https://*.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://*.salemove.com https://*.salemove.com https://*.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net wss://*.zopim.com https://*.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://*.gs.com https://gs-analytics.url.gs.com:8443 https://*.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://*.marcus.com; child-src 'self' https://*.gs.com https://*.marcus.com https://cdn.plaid.com https://*.demdex.net https://*.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://*.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://*.gs.com https://*.marcus.com https://*.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://*.demdex.net https://*.docusign.net https://*.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' * data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
X-Content-Type-Options: nosniff
Date: Thu, 19 Jan 2023 22:24:10 GMT
Connection: keep-alive
Content-Length: 50128
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 18 Jan 2023 03:31:25 GMT
Server: Apache
ETag: "c3d0-5f2817379b855"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/font-woff2
Access-Control-Allow-Origin: https://accounts.ayco.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

Redirect headers

Location: https://accounts.ayco.com/content/ayco/protect-ui/fonts/BasisGrotesque-Regular-Pro.woff2
Date: Thu, 19 Jan 2023 22:24:10 GMT
Server: Apache
Connection: keep-alive
Content-Length: 272
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 1 KB
1 KB 245ms
57ms XHR
application/json 54.217.237.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=51857BAF56FBC1EC7F000101%40AdobeOrg&d_nsid=0&ts=1674167049936

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.237.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-237-24.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2b3d8208222f0bdfc1dc3cf3989255c85a829138015eaee2e13e9d06e060402e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts.ayco.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 4Z9WqAEyTLA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://accounts.ayco.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 612
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 40ms
40ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 22:24:09 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.ayco.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Thu, 19 Jan 2023 23:24:09 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 22:24:09 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.ayco.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Thu, 19 Jan 2023 23:24:09 GMT

GET
H/1.1 200
OK tags.js Show response
v.ayco.com/fp/ 93 KB
13 KB 350ms
42ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/tags.js?session_id=MjY2ZDlmYWQtZDdlYi00YTY0LWFiMDYtZDg0NmU4M2NmYTUzfDE2NzQxNjcwNTAxMTM&org_id=nhs11h5x&page_id=login

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/content/ayco/protect-ui/app-f0e012bd623619b5fcde.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

30ea153b2e11ad0111c8dbcc4d5fbd0b26304ff8b6f9682ab6e4554876190e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=681A48AC14335DC65E0106F32C4E0168 Show response
v.ayco.com/fp/ Frame A47F 344 KB
62 KB 49ms
48ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/check.js;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jb=3d332e246073677d3555696e6e6f777b2e62736f3557616e6c6d757b2d3238313a266873687d3d43607065656d266a79603d436a78656d6d2f3832333a39

Requested by

Host: v.ayco.com
URL: https://v.ayco.com/fp/tags.js?session_id=MjY2ZDlmYWQtZDdlYi00YTY0LWFiMDYtZDg0NmU4M2NmYTUzfDE2NzQxNjcwNTAxMTM&org_id=nhs11h5x&page_id=login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

93d5b932a1bd59896f509cf8d16d7437040ac64978f01dffb39904372d0a4312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
tmx-nonce: 69626db9f2d54aa4
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
v.ayco.com/fp/ Frame A47F 81 B
475 B 40ms
40ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.ayco.com/fp/clear.png?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
v.ayco.com/fp/ Frame A47F 81 B
474 B 80ms
40ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.ayco.com/fp/clear.png?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
v.ayco.com/fp/ Frame 7C10 19 KB
6 KB 40ms
40ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/HP?session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&org_id=nhs11h5x&nonce=69626db9f2d54aa4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: v.ayco.com
URL: https://v.ayco.com/fp/check.js;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jb=3d332e246073677d3555696e6e6f777b2e62736f3557616e6c6d757b2d3238313a266873687d3d43607065656d266a79603d436a78656d6d2f3832333a39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

5221e07e61776da225606268e68a6c9ae7cd92b22f70c48d855f3117ae8c5272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.ayco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5813
Content-Type: text/html;charset=UTF-8
Date: Thu, 19 Jan 2023 22:24:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
v.ayco.com/fp/ Frame A47F 81 B
533 B 117ms
38ms XHR
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, nhs11h5x/69626db9f2d54aa4mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm
Referer: https://accounts.ayco.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 22:24:10 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 19 Jan 2023 22:24:10 GMT
Server: Apache
Etag: 8c4ee020917345cc8bfd86396f0f85f3
Content-Type: image/png
Access-Control-Allow-Origin: https://accounts.ayco.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Tue, 18 Jan 2028 22:24:10 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168 Show response
v.ayco.com/fp/ Frame 32CD 92 KB
14 KB 43ms
42ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/ls_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

afbc1781bb3753125343c1e1bef02e21e1473293e4cd3fc266b47ad95815e2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.ayco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 19 Jan 2023 22:24:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
v.ayco.com/fp/ Frame A47F 0
388 B 41ms
40ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
v.ayco.com/fp/ Frame A47F 134 B
654 B 56ms
39ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/es.js?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2d394a5f8f621451b5cdf6bd5a3fe9f05011240459f5ee373469ec382a64b317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168 Show response
h.online-metrix.net/fp/ Frame FE09 104 KB
16 KB 132ms
43ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

6217fb2fb7a3e9ad51f6c1082050dfb975de732d3267efdd7da6d6b886351686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.ayco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 19 Jan 2023 22:24:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
v.ayco.com/fp/ Frame A47F 0
387 B 40ms
40ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/clear.png?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jd=3d3c2e24606666353b246a66623d39313e3937316e626e393f31356d3b363f626b373734686a33396a613e3a6b38266064746e3f3a3033383c3031

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168 Show response
v.ayco.com/fp/ Frame 8034 90 KB
14 KB 44ms
43ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/top_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

18385f1bc41dc5c14d769758da9452f28872cd6c5f65ace1fb901e0461ad0125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.ayco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 19 Jan 2023 22:24:11 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
v.ayco.com/fp/ Frame A47F 0
218 B 41ms
40ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/clear.png?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&ja=39323f3a2c266b3538247a3d3a266635393e303070313a303824636e35313e303a7833323a382673707b37387030266e72723d33263b36383a2633303a302c393e3038243b3a323a2c393e38322c3138303024393e303024313a30382e32243826657437613a38386962636c613d3f6c64666e64396563323e31393e3d32346839613f69266566373c2479636c353a36266c623d687c7c7873253b412d324e27304e69636b6f7f6e767324697963672c69676525324c75656c6e646f737b2f38446e656769662d334e7e6b666b7e79416c2d3144686f7273606d7173266c7235687c76727b2d334925384627324c6963636777647c7b2e6173616f2e616567253a4c7d676e666e657b7b253a4e666765636e2d3b4e74616e637479416c2d334460657a7360677b7b2e70643d39267268373f38663a3a6b693e62636c606531333968373b323d63673a64336a6c623a6c3e2e6a623d6d6b6b3b33313262353b303e64353b343b396e34343c6d636b383c6335393e69266a7b6d375f616e6465757325303a3b302e6079603f4968726765652d3a3a39323326627b67773d57636e64677f7b266a7b627d3d4b6a706765652e6e62633f342c66646d353a2c6665747037322674786e37457c692f30445f6e6b666777662e6769766272353c383233643b63326a6d6b30326d366b633d343238303269643b3537343a3966643c3732303934316e34656163383e646b333e63646864373a3b313b39333e632c70357864776769645f6664697b68253d456e6164716729786c7d67636e5d776366646f7f7155656d64696b5d706c63736f722d3f4f646366736529786c7d6f63665d6b64676a6d5d6163786f62697c2d35456e6164736d2372647d67616e557177696963746965672f3d4d66616671652172667f67616455716a65636b7f69766d2d3f4d646b6c7b6d29726c756d696e577a6d616c786c69796d70273d4d66696c79652370667d6769665d7c646b5f7066637965702f3f456e6b6671672b706c7d6f6966576e6d746b6c7e7a2d3745666b6c736d29786c756f69665f7b7465577e696d776f7227354f6e616c7b672b78647567636c5f6a637c6b253d4f6c636e7965266f645f6b357d6d606d6c5f6d6a454c2538303126382d3230204f786566454e2d3a304d532f323232243825323841627a676d697f6f295767684d4c2d383a454e594c253a38455b2d38383324302d3a382a4f706f6e47442d3a30455b253a304f4e51442d323845592530303b2630253a3249607a6f6d63776d29556f684b617e5d67604169742d3a305f6d684f4e4b4e4f444d5d696e797461666b6d645f69727a617171273b4a253a304f58565f6864656e6c5d6761666d617227334227383a45505e55616d666f72576a756e6e6f7a5d6261646e57646c6f6b74253b4a2d32304d585c5f6e6e6d697c5f6a6c6f6e6625394a25323847525c5766726b655f64677a7e682d394827303a45585c577360696e6d7055746d707c777265556c6f6c2d3b42253a304d585c5d766d70747d726f5f616f677872657b716367665f627a76632531482f32384f52565d7e65787c7d726d5769676f7a726d7b7b6b6f6e5572677c6b2d33422d32384550565d7c6d787c7578655d66636474657a5d6b6661736f7e706f706b692f334a2f38324752545f7b5a474a2d394a273830474d5b5d656c6f6d65667c57696e6c65705f7d6b6c7c2d334a2538304d4559576662675d786d666465785d6d6972676b702d394827303a4f455b57737c69646c637864576c6d7069766b74697e6d7b25334a253a30474751577c6570747f72675f6c646f617c27394a2d32304547535f766f72747d786f5d64666f617c576c61666f69702f334a2d3a324f45595f746d707c75726d5f606164645d6e646f69742f33402538384f455b5d7e6d70747578675f6863666c5f6e66656376556c69666d617a2d394a273830474d5b5d766578746570576972726979576f6a68676b7c253b422f3232574f4a474c5761656467725f687766666778556664656b76273942253a38574d4a4d445d696f65787a6773736f645f7c6d7074757a6557617b76612d3b422d323a5747424d445f63676f7a7a6d73736f665f7467727e757a6f5567766925334a2d32385f4f4a45465f6b67657272657973656c577c65787c757a655767766b39253b422f3232574f4a474c57616565787265797165645d7e6f787c7f78675d7933746b2d334a2d3838554f424f4457616f6d7a72657b7b6d645f7c6570747d7067577b337c6355737067682d33422d303a5f4d4247465d6465607f6d5f7a6f64666778657257616e6e672f3b402f32385f4d40474c556465787c605f746d787c757a67273b4a253a305d454047465764726975556a7d66666f70732531482f32385d4f4045465f6c677b65576b6566766f787c2d3b4025323a57454a4f445f6d7d6c7c69576670697f313e266d6c5d68373b66663d666c6e3c37343a666463363a3d653e386867326f37346c3a353d3c3c39323e643c3a3d3b26776d6c76354166746564253a30416c61262e776f6c783d4b6e7e6d6c253a32437a61732538324f7067644d4c2d383a476c6d696e6d2e636b6c3739323a3038&jb=393f3c24667135456778696c6661253a4e3d2e302d3238285f6b6c6c67777b2538304c542f3a3031382c3a2d3b4225383257696c3c3e253b482f3032723634212d3238497a786e6f576d6a436b74253846353b3f2633362d323828434a564544253a432f32326c636365253a324d6d6b6b6f232732304162786f656f2f30443b303926382e3d3c3b3c2c3d342d3a385161666b72692d3a4e35333f2e3b36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
nhs11h5x6ujhxrvokzlxdbxlsrdp3avcl3fvyy4q69626db9f2d54aa4am1.e.aa.online-metrix.net/fp/ Frame A47F 81 B
438 B 162ms
38ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nhs11h5x6ujhxrvokzlxdbxlsrdp3avcl3fvyy4q69626db9f2d54aa4am1.e.aa.online-metrix.net/fp/clear.png?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
v.ayco.com/fp/ Frame 7C10 209 KB
29 KB 47ms
47ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/check.js?&pageid=99998&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&org_id=nhs11h5x&nonce=69626db9f2d54aa4

Requested by

Host: v.ayco.com
URL: https://v.ayco.com/fp/HP?session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&org_id=nhs11h5x&nonce=69626db9f2d54aa4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6d7de4c1a4ee03c83443c4cfb831aad4b14601fea27850ab09598cd827e45f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.ayco.com/fp/HP?session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&org_id=nhs11h5x&nonce=69626db9f2d54aa4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
tmx-nonce: 69626db9f2d54aa4
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
v.ayco.com/fp/ Frame 32CD 0
387 B 40ms
40ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: v.ayco.com
URL: https://v.ayco.com/fp/ls_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.ayco.com/fp/ls_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
v.ayco.com/fp/ Frame 32CD 134 B
653 B 40ms
39ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/es.js?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

302be64c7cfbfa8216dfccb2c70550fd23208d3de3744977548ced118fdbf520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.ayco.com/fp/ls_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=681A48AC14335DC65E0106F32C4E0168
v.ayco.com/fp/ Frame A47F 0
400 B 45ms
45ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.ayco.com/fp/clear1.png;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jf=3c3b3e2479696c577a6c643d7e6472575c3b724d7d426b366c57715e5b7046392c736b64556c61746d3f3b3e3f34313c353035332c79696c557e7b726f3d776d6a3a6d6b6e7b632c73616c576965793733303d313b30313b303e303f3063303e3430636f336630383831303e32323a6938363e3a6365316e3a33383b3a35323934323838303c696f6a6732646e303e613332396562383d3066626e366d666b67313c6d626a663b6632366b6b32313c633c3e6c35313b6435343a3b69343d6f3e60313e6137693d62386c683e663f393b306d6439656c66396d3a6a34333a656b333864313e6b303a353d363a633d6e34383f343f6d6a3830683663323b6c3d3739396f67353e2673616c5f7b616d35313a343d383a3031303a61626e3d39336338653064383137316b303b313a3334643f3b31376c316e6a3e33356b3a323434323e30313b3e67643b62386b6c356d3f3d38336862313f6d3730323830313d6d3a64376c3369646b30613c31356d633e393a333a3c343639613e3d3d38383a3b6436323b6b3469383a6333683165393d373e393f383569363a3b6c6032267969667a3538

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=D2A94F27A7742BC1AD6EC47EAB02C48A
h.online-metrix.net/fp/ Frame FE09 0
400 B 43ms
42ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=D2A94F27A7742BC1AD6EC47EAB02C48A?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jf=3c3b302479696c577a6c643d7e6472577c5b34683d4d7841446b32794d494b6e2c736b64556c61746d3f3b3e3f34313c353035332c79696c557e7b726f3d776d6a3a6d6b6e7b632c73616c576965793733303d313b30313b303e303f3063303e3430636f336630383831303e32323a6938363e3a6365316e3a33383b3a35323934323838303c6d3a3d303f383f6c6a3b37613c39353c3a3c383030373a303a3236383d33306669393131396a38306c333b3d3e36363e606237613d38653b6f6f64673a3934316a3569393f39633a366b3e313166376b64343c393f33313c313f376d3537693f61696433333b393d3f623230673a386966616966373132326f6169323e3235332673616c5f7b616d35313a343e383a3031303a63393a6c69313669653a356c3a306c3d656e653d653465393c37333b36383c3d37326f3b3435643f3c36383b3860323a63633f6e62693e3a3c363f383b3c3863303238313038306e3964386231356b32373b31396e303d613a38386937363a366c393930373b66313234393c356d6f3e64663c39643b6a37393d683c3233383f3e69603331692673616e7a3d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=A894237D7EDEE0046B921A2F02D170B5 Show response
v.ayco.com/fp/ Frame 7C10 35 B
557 B 42ms
42ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/ARF;CIS3SID=A894237D7EDEE0046B921A2F02D170B5?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&pageid=99998&sera_parametere=UEkLVgRVVFhSCgZQB1kFBFQNBVdVBwcBXgcBVgZTAgYBClJQB1BUAFFRUBNHElxdWElDRkVBUX1DBSYQAyVEBgZTRVdaAQ9cCEYXEAclRAN0CRMFckFQCQ5dF0FHRFJwEw50FwEgRF0PDwYMAFdQDQBbVAUFU1daVwBRVAxVVgUFAVUAAlMGCwRRXAEFU1NSUg0QXFkKAVxbBF0DBlcFVg9fBFYDUANYUhQORglRGVYPWgYKDwZRClALBgBVAAVXVwEPBFMFUwsFVgYCBlJUDAFfVAcEU1AfB1tZBwdVVxJfUAsfB0ISUFsLXQwNWUdcXQQQUAsnCksJXwETVhdcBQYAEFBZF19uD1wAWkMSR1dUBEJWTDsBWApeBlRXCkdRQgQDBg%3D%3D&count=0&max=0

Requested by

Host: v.ayco.com
URL: https://v.ayco.com/fp/check.js?&pageid=99998&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&org_id=nhs11h5x&nonce=69626db9f2d54aa4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

350fe8836066f78675eb27f284333be89208c87e1c256bca205937f590586c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v.ayco.com/fp/HP?session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&org_id=nhs11h5x&nonce=69626db9f2d54aa4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
v.ayco.com/fp/ Frame A47F 0
387 B 42ms
41ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://v.ayco.com/fp/clear.png?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jac=1&je=3a3a39242c776d61353a302e383535263f2631303c26786d356c6d2e6a617c737e3d2737482d323264677c6d6425323827334133243a302d38492730387374697c757b2d383a2739412d3a3a616861786769666f2d32322d374c266977666035636937683967366f3e38316b616b6b3e66326b3563313b3833333e393e34603f6333393f393e6a3e6c3a6e643c303e3230333266653c6e3833666b6430343d3b246d703335663b656735336b61663f373b3c3f37363f6632343b393c373d383e673b3866666b6a383939396963

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 22:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 RC930a780a5d194c84a166451f7aee5e2b-source.min.js Show response
assets.adobedtm.com/607ae6100a11/ea22be519b1d/65e4780c12ce/ 1 KB
803 B 845ms
845ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/65e4780c12ce/RC930a780a5d194c84a166451f7aee5e2b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1d57c50399ea97fd4d225adf56b788e955e7ab54b972f42d4895d182d7020ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 22:24:13 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 01:29:58 GMT
server: AkamaiNetStorage
etag: "f76064fafe352e41b78698a7f1369fd7:1672968598.872842"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.ayco.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 536
expires: Thu, 19 Jan 2023 23:24:13 GMT

GET
H2 200 s58528267893495
smetrics.marcus.com/b/ss/gsmwellnessprod/1/JS-2.22.0-LCXS/ 43 B
372 B 208ms
49ms Image
image/gif 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.marcus.com/b/ss/gsmwellnessprod/1/JS-2.22.0-LCXS/s58528267893495?AQB=1&ndh=1&pf=1&t=19%2F0%2F2023%2022%3A24%3A12%204%200&mid=90732376489129041054592208575759994963&aamlh=6&ce=UTF-8&pageName=us%3Aen%3Awellness%3Aprelogin%3Alogin%3Amanual&g=https%3A%2F%2Faccounts.ayco.com%2Fwellness%2Flogin%3FvanityId%3Dhersheys&cc=USD&ch=prelogin&server=accounts.ayco.com&events=event1%2Cevent79&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=90732376489129041054592208575759994963%7C2023-01-19%7C1&c3=5&c4=thursday&c5=weekday&c6=new&c7=1&c8=new%20visitor&c9=2023-01-19%2005%3A24%3A12&v10=90732376489129041054592208575759994963&c11=not%20logged%20in&c22=en&c23=prelogin&v23=not%20logged%20in&c24=login&v24=prelogin%3Alogin%3Amanual&c25=manual&c31=D%3Dv50&c32=2023-01-19%2017%3A24%3A12&c33=5%3A24%20pm%7Cthursday%7Cweekday&c34=2023-01-19&v37=en&v38=prelogin&v39=login&v40=manual&c44=us%3Aen%3Awellness%3Aprelogin%3Alogin%3Amanual&c45=yes&v47=landscape-primary&v50=https%3A%2F%2Faccounts.ayco.com%2Fwellness%2Flogin%3FvanityId%3Dhersheys&v51=https%3A%2F%2Faccounts.ayco.com%2Fwellness%2Flogin&v58=2023-01-19%2005%3A24%3A12&v85=us%3Aen%3Awellness%3Aprelogin%3Alogin%3Amanual&v87=D%3Duser-agent&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=51857BAF56FBC1EC7F000101%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ayco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 22:24:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 22:24:12 GMT
server: jag
etag: 3595246368791035904-4619822438304054380
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 18 Jan 2023 22:24:12 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
175 B 616ms
197ms Fetch
application/json 54.188.70.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/content/ayco/protect-ui/vendor-bcc9c087b8bab90353d2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.70.204 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-70-204.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://accounts.ayco.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://accounts.ayco.com
date: Thu, 19 Jan 2023 22:24:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
174 B 615ms
198ms Fetch
application/json 54.188.70.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: accounts.ayco.com
URL: https://accounts.ayco.com/content/ayco/protect-ui/vendor-bcc9c087b8bab90353d2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.70.204 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-70-204.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://accounts.ayco.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://accounts.ayco.com
date: Thu, 19 Jan 2023 22:24:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET clear3.png;CIS3SID=681A48AC14335DC65E0106F32C4E0168
v.ayco.com/fp/ Frame A47F 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v.ayco.com
URL: https://v.ayco.com/fp/clear3.png;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jac=1&je=3c3d2e247a676d577d7264617e653d2d3f4a25323a302d323a2731492d374a2538327465782d32322d314b3b2d37442f3544

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ayco.com/	1969-12-31 23:59:59	Name: NSC_psjhjo.htbn.ht.dpn-443-wc Value: 5ccba3d871ac2c3606cece49f987ee9c2d682d3659cb5b6bfa1c32839e0b9bec41464ddc
.ayco.com/	1970-01-20 09:02:54	Name: ak_bmsc Value: 583A13DB2427B84791107AD31912ECCA~000000000000000000000000000000~YAAQtF4OF2rk6p2FAQAAudQhzBJcDgF9yZ+gA4ea8I86xmW24J+/0Ur3WsCPiIa6z7GxD5GJcdKOUpbWRzbXj9FLf9uAyzVkMAqOfCIiBk0/TG8uG/cFUglZd4C6kAUBqp4604TEiu3N85VvUkzMB7VfBXGi5iNEcJKM0FnxxNbREWDYvP5d/FFqBkzQBZ6XwQoAczL0Bb9DGMrEUUYYG6jNiIfC2jXkkwCM+/462mQxtA0QXpdKCxv26s+cVmnzP/67LDLM/FZdGOGNyP8eCGmgaM5OHgX3LsGgmg7zpbhD2ZhZIvBsPThpFv4szeJguQ1nNPG353hMR6R+6oF5xBkB64vEORU5dG61mtX0ybvnfGwci/UGro2cA7TQ
portal.ayco.com/	1969-12-31 23:59:59	Name: OpenIdConnect.nonce.wnfkzx5dscIa%2BiWn7%2BDM7yISmA%2BlfzrbzO09nUhlYCk%3D Value: UzRJUy1zdGVSb1lCX09TOURjTDdOZVVEV3BVTm1rRlN0UndYYlFtMm8yZTJXdTJFbS1EOXZ1ODV1YllkSDVrV0RZQ1RLY05sajgxM3NuZ2NJSzl0R3VNQ1V4MU50bEd3N1o1eGVTZ2U5MVhKVGJWTTdqakVUcHN4TDBkZTVRTm1tM09EUTZneUw5RGxmcU9NRGczdEdkekMzUEVNMFdISUVwVHVwUnJfWHBFWDhPWFY0ajNoNGFlbnVZcm81Rm1KOWZoSW9pMjRXdDM0cV9iU2FZUF9vS0NnZUMyWklOSm5BSS1ZN1RKLVd3cw%3D%3D
accounts.ayco.com/	1970-01-20 09:02:47	Name: NSC_psjhjo.ipoftuepmmbs.dpn-443-wc Value: 14b5a3d9d5c4c2d77e02b3880ab5b66ec402eb6f192f72bdfa8fc37f7e7cdd3124b15672
.ayco.com/	1969-12-31 23:59:59	Name: memberId Value:
.ayco.com/	1969-12-31 23:59:59	Name: emailId Value:
.ayco.com/	1969-12-31 23:59:59	Name: journey_id Value: edfcd250-da07-427d-8ce6-6f5fa88020a1
.demdex.net/	1970-01-20 13:21:59	Name: demdex Value: 90426824346072705414552680779366561143
.ayco.com/	1969-12-31 23:59:59	Name: AMCVS_51857BAF56FBC1EC7F000101%40AdobeOrg Value: 1
.ayco.com/	1970-01-20 18:38:47	Name: AMCV_51857BAF56FBC1EC7F000101%40AdobeOrg Value: 359503849%7CMCMID%7C90732376489129041054592208575759994963%7CMCAAMLH-1674771850%7C6%7CMCAAMB-1674771850%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674174250s%7CNONE%7CvVersion%7C5.0.1
accounts.ayco.com/	1970-01-20 09:02:47	Name: ADRUM_BTa Value: R:58\|g:00928bb4-6a64-4c79-81d8-06515a643fee\|n:customer1_fc06d2a1-6174-48cd-8937-090bab427a9f
accounts.ayco.com/	1970-01-20 09:02:47	Name: ADRUM_BT1 Value: R:58\|i:593\|e:88
.ayco.com/	1970-01-20 09:02:54	Name: bm_sv Value: FDFD970A1FAE2DA4FB1B840F3737D434~YAAQPBdlX3TerMWFAQAAxd8hzBJLWI9LFc+oRG7VKCYrkIAsA4WobqWVSTubHwm4buPKmLfhCAdzPbjP9tHkPFNtHEk1KqM5RkF70YKqLKd2HWbyo6VwV1BsvG2/WP3wmWXjNTyU9bmcyII2iQ3zEFN9IF4Ija7yqWr480v9e0nGTPRHhrsXNYl9CbHNgjYKP9FJ+ZGJUJDVXDT3p8ONBF8T81bUsFfaQTFKScwSNkYvShGeXuyY92J2ZpSzIA==~1
v.ayco.com/	1970-01-20 18:38:47	Name: thx_guid Value: 63b849fd4e81f23254a348b6bb5efb4d
v.ayco.com/	1970-01-20 18:38:47	Name: tmx_guid Value: AAxjgRckeE7guuJeZ_NpHS_gyM0sOPwthPMw7OMoCUnU9-iUWfkB1x3oB67a-2RcGGju5ZKFxvZJ3pQxrLvdExfwRRYS2A
.ayco.com/	1970-01-20 17:48:28	Name: s_vnc365 Value: 1705703052306%26vn%3D1
.ayco.com/	1970-01-20 09:02:48	Name: s_ivc Value: true
.ayco.com/	1970-01-20 18:38:47	Name: s_dslv Value: 1674167052314
.ayco.com/	1969-12-31 23:59:59	Name: s_lgn Value: 1674167052317
.ayco.com/	1970-01-20 09:02:48	Name: s_ppn Value: us%3Aen%3Awellness%3Aprelogin%3Alogin%3Amanual
.ayco.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.ayco.com/	1969-12-31 23:59:59	Name: s_ppv Value: us%253Aen%253Awellness%253Aprelogin%253Alogin%253Amanual%2C57%2C57%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.ayco.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.ayco.com/	1970-01-20 17:48:23	Name: ajs_anonymous_id Value: 90732376489129041054592208575759994963
.ayco.com/	1970-01-20 09:02:48	Name: s_pp Value: prelogin%3Alogin%3Amanual
.ayco.com/	1970-01-20 09:45:59	Name: s_nr30 Value: 1674167053038-New

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://accounts.ayco.com/wellness/login?vanityId=hersheys Message: Unrecognized Content-Security-Policy directive 'require-sri-for'.
network	error	URL: https://accounts.ayco.com/api/cwm/v1/postLogin Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
security	error	URL: https://v.ayco.com/fp/tags.js?session_id=MjY2ZDlmYWQtZDdlYi00YTY0LWFiMDYtZDg0NmU4M2NmYTUzfDE2NzQxNjcwNTAxMTM&org_id=nhs11h5x&page_id=login(Line 100) Message: Unrecognized Content-Security-Policy directive 'require-sri-for'.
security	error	URL: https://v.ayco.com/fp/tags.js?session_id=MjY2ZDlmYWQtZDdlYi00YTY0LWFiMDYtZDg0NmU4M2NmYTUzfDE2NzQxNjcwNTAxMTM&org_id=nhs11h5x&page_id=login(Line 100) Message: Unrecognized Content-Security-Policy directive 'require-sri-for'.
security	error	URL: https://v.ayco.com/fp/check.js;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jb=3d332e246073677d3555696e6e6f777b2e62736f3557616e6c6d757b2d3238313a266873687d3d43607065656d266a79603d436a78656d6d2f3832333a39(Line 291) Message: Unrecognized Content-Security-Policy directive 'require-sri-for'.
security	error	URL: https://v.ayco.com/fp/check.js;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jb=3d332e246073677d3555696e6e6f777b2e62736f3557616e6c6d757b2d3238313a266873687d3d43607065656d266a79603d436a78656d6d2f3832333a39(Line 307) Message: Unrecognized Content-Security-Policy directive 'require-sri-for'.
security	error	URL: https://v.ayco.com/fp/check.js;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jb=3d332e246073677d3555696e6e6f777b2e62736f3557616e6c6d757b2d3238313a266873687d3d43607065656d266a79603d436a78656d6d2f3832333a39(Line 307) Message: Unrecognized Content-Security-Policy directive 'require-sri-for'.
security	error	URL: https://v.ayco.com/fp/check.js;CIS3SID=681A48AC14335DC65E0106F32C4E0168?org_id=nhs11h5x&session_id=mjy2zdlmywqtzddlyi00yty0lwfimdytzdg0nmu4m2nmytuzfde2nzqxnjcwntaxmtm&nonce=69626db9f2d54aa4&jb=3d332e246073677d3555696e6e6f777b2e62736f3557616e6c6d757b2d3238313a266873687d3d43607065656d266a79603d436a78656d6d2f3832333a39(Line 307) Message: Unrecognized Content-Security-Policy directive 'require-sri-for'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.marcus.com https://.gs.com 'unsafe-inline'; font-src 'self' https://.zopim.com https://.marcus.com https://.gs.com data:; script-src 'self' https://consent.trustarc.com https://assets.adobedtm.com https://.salemove.com https://ds-aksb-a.akamaihd.net https://assets.adobedtm.com https://js-cdn.dynatrace.com https://.zopim.com https://assets.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://gsam.122.2o7.net https://int.igc.imddas.site.gs.com:26000 https://static.zdassets.com https://int.igc.imddas.site.gs.com https://maps.googleapis.com https://.marcus.com https://.ayco.com https://.gs.com https://h.online-metrix.net https://cdn.plaid.com https://analytics.twitter.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://api.segment.io wss://.salemove.com https://.salemove.com https://.salemove.com https://dspsandbox.zendesk.com https://gsdsp.zendesk.com https://static.zdassets.com https://.marcus.com https://.ayco.com https://h.online-metrix.net wss://.zopim.com https://.goldman.com https://gsam.122.2o7.net https://honestdollarhelp1510158891.zendesk.com https://honestdollarhelp1510158891.zendesk.com https://.gs.com https://gs-analytics.url.gs.com:8443 https://.demdex.net https://embed.rcrsv.io 'unsafe-inline' data:; object-src 'self' https://.marcus.com; child-src 'self' https://.gs.com https://.marcus.com https://cdn.plaid.com https://.demdex.net https://.docusign.net https://int.honestdollar.imddas.site.gs.com:25000 https://.docusign.com; frame-src 'self' https://consent-pref.trustarc.com https://.gs.com https://.marcus.com https://.ayco.com https://h.online-metrix.net https://cdn.plaid.com https://demo.docusign.net https://.demdex.net https://.docusign.net https://.docusign.com https://embed.rcrsv.io https://int.honestdollar.imddas.site.gs.com:25000; img-src 'self' data:; style-src 'self' https://*.salemove.com d456155-014-e1.dc.gs.com 'unsafe-inline'; require-sri-for script;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.ayco.com
api.segment.io
assets.adobedtm.com
dpm.demdex.net
h.online-metrix.net
nhs11h5x6ujhxrvokzlxdbxlsrdp3avcl3fvyy4q69626db9f2d54aa4am1.e.aa.online-metrix.net
portal.ayco.com
smetrics.marcus.com
v.ayco.com
www.ayco.com
v.ayco.com
13.37.25.97
23.45.105.227
2a02:26f0:3500:587::1e80
54.188.70.204
54.217.237.24
91.235.132.130
91.235.133.182
91.235.134.131
95.101.23.64
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18385f1bc41dc5c14d769758da9452f28872cd6c5f65ace1fb901e0461ad0125
1d57c50399ea97fd4d225adf56b788e955e7ab54b972f42d4895d182d7020ec2
20df0b70f1cbc88995a7845d2fca56713c109f1a5b272d10d3d188c0802f733f
2b3d8208222f0bdfc1dc3cf3989255c85a829138015eaee2e13e9d06e060402e
2d394a5f8f621451b5cdf6bd5a3fe9f05011240459f5ee373469ec382a64b317
302be64c7cfbfa8216dfccb2c70550fd23208d3de3744977548ced118fdbf520
30ea153b2e11ad0111c8dbcc4d5fbd0b26304ff8b6f9682ab6e4554876190e02
350fe8836066f78675eb27f284333be89208c87e1c256bca205937f590586c9d
4d232f53a5dd6d401517317d4f5edc973e11bca2e849fdc0936734f2360ad22c
4ff8451a9e9b7f2bda4afc02269deee8f348d35bb26b927f27f96c1573c560e9
5221e07e61776da225606268e68a6c9ae7cd92b22f70c48d855f3117ae8c5272
6217fb2fb7a3e9ad51f6c1082050dfb975de732d3267efdd7da6d6b886351686
66450fa8eb3a67487e52fc1320a511942030f8281dcb024579863f5eb12c8151
6ac04e03e43c622d9a3c4ef18361fa1b532fd09912c5daa52d3dcbf2fb54beb6
6d7de4c1a4ee03c83443c4cfb831aad4b14601fea27850ab09598cd827e45f33
7cb70a7041e7076392ff4838814442aa31c0032de570dce9387ed566ea602279
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
86029919987967170ed9a419d44c3877054663edda860e572c7bec91b49989eb
8da3cf5ee35f2153dd1e353ebb2827305e2ef96a7336ee054c27e9da8030dde3
93d5b932a1bd59896f509cf8d16d7437040ac64978f01dffb39904372d0a4312
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
afbc1781bb3753125343c1e1bef02e21e1473293e4cd3fc266b47ad95815e2d1
b0311606809197bc7820a36ee7f98b3a54e9fc69309950cb1ba0fe78a37be9f7
c0b1e19061a3724ef5e2859540f1735709c5bb6453d2b2e3e7ecbf860ec9413e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6daafc725f4cbc4243b66ff4635963e22e27e37a9b3790f616e817626deb639
fa3383c79ae901742f7ff01bfa73e44cd81397d95f36b223df5bd40d8a7f0056
ff6d14f77e27f7b90cb2f20bce408189f5f388961f3fcd13fe2df2cc0a002dc3

accounts.ayco.com Open in urlscan Pro 95.101.23.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

93 %HTTPS

11 %IPv6

6 Domains

10 Subdomains

9 IPs

5 Countries

2113 kBTransfer

9059 kBSize

26 Cookies

10 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

accounts.ayco.com Open in urlscan Pro
95.101.23.64 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

93 %
HTTPS

11 %
IPv6

6
Domains

10
Subdomains

9
IPs

5
Countries

2113 kB
Transfer

9059 kB
Size

26
Cookies

43 HTTP transactions
0 data transactions