secure.checksinthemail.com Open in urlscan Pro
12.190.117.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tr.subscribermail.com/cc.cfm?sendto=http:%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&tempid=...
Effective URL:
https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Submission: On October 16 via manual (October 16th 2020, 5:48:28 pm UTC) from IN

Summary HTTP 105 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 9 countries across 26 domains to perform 105 HTTP transactions. The main IP is 12.190.117.102, located in San Antonio, United States and belongs to HARLANDCLARKE-AS, US. The main domain is secure.checksinthemail.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 15th 2020. Valid for: 2 years.

This is the only time secure.checksinthemail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.240.154.84 63.240.154.84	7018 (ATT-INTER...) (ATT-INTERNET4)
1 38	12.190.117.102 12.190.117.102	21945 (HARLANDCL...) (HARLANDCLARKE-AS)
10	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.86.243.86 99.86.243.86	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	23.111.9.213 23.111.9.213	33438 (HIGHWINDS2) (HIGHWINDS2)
1	99.86.245.136 99.86.245.136	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
2	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	15.188.154.177 15.188.154.177	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2 4	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.243.32 99.86.243.32	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:47ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10c... 2a02:26f0:10c:5a4::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a03:6400:10:... 2a03:6400:10:0:178:249:97:99	11054 (LIVEPERSON) (LIVEPERSON)
8	2a03:6400:10:... 2a03:6400:10:0:178:249:97:98	11054 (LIVEPERSON) (LIVEPERSON)
4	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	35.227.229.34 35.227.229.34	15169 (GOOGLE) (GOOGLE)
2	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
105	31

1 63.240.154.84 (United States) 1 redirects

ASN7018 (ATT-INTERNET4, US)
PTR: tr.subscribermail.com

tr.subscribermail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 12.190.117.102 (San Antonio, United States) 1 redirects

ASN21945 (HARLANDCLARKE-AS, US)

secure.checksinthemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:6c00::210:ba2a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-86.vie50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.213 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

a.optnmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.245.136 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-245-136.vie50.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.154.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

harlandclarke.d1.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.205.230 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f230.1e100.net

8332934.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.243.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-32.vie50.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:47ab (United States)

ASN13335 (CLOUDFLARENET, US)

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:5a4::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:6400:10:0:178:249:97:99 (United Kingdom)

ASN11054 (LIVEPERSON, US)

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:6400:10:0:178:249:97:98 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.229.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 34.229.227.35.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.18 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	checksinthemail.com 1 redirects secure.checksinthemail.com	751 KB
13	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	66 KB
11	typekit.net use.typekit.net p.typekit.net	232 KB
6	liveperson.net lptag.liveperson.net va.v.liveperson.net	101 KB
5	doubleclick.net 2 redirects 8332934.fls.doubleclick.net stats.g.doubleclick.net	1 KB
4	bounceexchange.com tag.bounceexchange.com assets.bounceexchange.com api.bounceexchange.com	113 KB
4	google-analytics.com ssl.google-analytics.com www.google-analytics.com	26 KB
3	googletagmanager.com www.googletagmanager.com	111 KB
2	nr-data.net bam.nr-data.net	468 B
2	facebook.com www.facebook.com	518 B
2	omappapi.com api.omappapi.com	3 KB
2	omtrdc.net 1 redirects harlandclarke.d1.sc.omtrdc.net	1 KB
2	bing.com bat.bing.com	9 KB
2	yimg.com s.yimg.com	7 KB
2	facebook.net connect.facebook.net	91 KB
2	yahoo.com sp.analytics.yahoo.com	2 KB
1	newrelic.com js-agent.newrelic.com	14 KB
1	google.de www.google.de	106 B
1	google.com www.google.com	106 B
1	luckyorange.net settings.luckyorange.net	836 B
1	cloudfront.net d10lpsik1i8c69.cloudfront.net	3 KB
1	optnmnstr.com a.optnmnstr.com	62 KB
1	trustpilot.com widget.trustpilot.com	7 KB
1	subscribermail.com 1 redirects tr.subscribermail.com	298 B
0	unica.com Failed pt000170.unica.com Failed
0	ic-live.com Failed www.ic-live.com Failed
105	26

	Domain	Requested by
38	secure.checksinthemail.com	1 redirects secure.checksinthemail.com
10	use.typekit.net	secure.checksinthemail.com
8	lpcdn.lpsnmedia.net	secure.checksinthemail.com
5	accdn.lpsnmedia.net	secure.checksinthemail.com
4	va.v.liveperson.net	secure.checksinthemail.com
4	8332934.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	www.googletagmanager.com	secure.checksinthemail.com
2	bam.nr-data.net	secure.checksinthemail.com
2	www.facebook.com	secure.checksinthemail.com
2	assets.bounceexchange.com	secure.checksinthemail.com
2	api.omappapi.com	secure.checksinthemail.com
2	www.google-analytics.com	secure.checksinthemail.com
2	harlandclarke.d1.sc.omtrdc.net	1 redirects secure.checksinthemail.com
2	bat.bing.com	secure.checksinthemail.com
2	s.yimg.com	secure.checksinthemail.com
2	connect.facebook.net	secure.checksinthemail.com
2	lptag.liveperson.net	secure.checksinthemail.com
2	ssl.google-analytics.com	secure.checksinthemail.com
2	sp.analytics.yahoo.com	secure.checksinthemail.com
1	api.bounceexchange.com	secure.checksinthemail.com
1	js-agent.newrelic.com	secure.checksinthemail.com
1	www.google.de	secure.checksinthemail.com
1	www.google.com	secure.checksinthemail.com
1	p.typekit.net	secure.checksinthemail.com
1	stats.g.doubleclick.net	secure.checksinthemail.com
1	settings.luckyorange.net	secure.checksinthemail.com
1	tag.bounceexchange.com	secure.checksinthemail.com
1	d10lpsik1i8c69.cloudfront.net	secure.checksinthemail.com
1	a.optnmnstr.com	secure.checksinthemail.com
1	widget.trustpilot.com	secure.checksinthemail.com
1	tr.subscribermail.com	1 redirects
0	pt000170.unica.com Failed	secure.checksinthemail.com
0	www.ic-live.com Failed	secure.checksinthemail.com
105	33

This site contains links to these domains. Also see Links.

Domain
signup.cj.com
blog.checksinthemail.com
www.bbb.org
www.cpsa-checks.org

Subject Issuer	Validity	Valid
secure.checksinthemail.com DigiCert SHA2 Extended Validation Server CA	`2020-08-15` - `2022-10-13`	2 years	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.trustpilot.com Amazon	`2020-05-01` - `2021-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
*.optnmnstr.com Go Daddy Secure Certificate Authority - G2	`2019-10-17` - `2021-10-17`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
tag.bounceexchange.com Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
*.liveperson.net COMODO RSA Organization Validation Secure Server CA	`2017-12-17` - `2020-12-16`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-06` - `2020-11-25`	2 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.d1.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-31` - `2021-07-31`	a year	crt.sh
api.opmnstr.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
bounceexchange.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.lpsnmedia.net COMODO RSA Organization Validation Secure Server CA	`2018-02-26` - `2021-02-25`	3 years	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-13` - `2021-05-07`	7 months	crt.sh
api.bounceexchange.com GTS CA 1D2	`2020-08-30` - `2020-11-28`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Frame ID: 0BDDB2D73B4E9078AEF5FEBF0BCB4F76
Requests: 101 HTTP requests in this frame

Frame: https://8332934.fls.doubleclick.net/activityi;dc_pre=CIa3mvDVuewCFUwFiwodzsMOkw;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1
Frame ID: CDA4F06D98F5916D8D53403CAC0E4E3D
Requests: 1 HTTP requests in this frame

Frame: https://8332934.fls.doubleclick.net/activityi;dc_pre=CPy4mvDVuewCFRafdwodhYANKg;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1
Frame ID: 864ACF4C9F26E14708AD976BDBAAAFD8
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: CE055F1DED10CD45E6A8D583849D92CF
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fsecure.checksinthemail.com&site=46818851&env=prod
Frame ID: F98EBBA0044B2CD73BD61F79E435CEAC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tr.subscribermail.com/cc.cfm?sendto=http:%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcod... HTTP 302
http://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1 HTTP 301
https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1 Page URL

Detected technologies

CFML (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

105
Requests

98 %
HTTPS

48 %
IPv6

26
Domains

33
Subdomains

31
IPs

9
Countries

1599 kB
Transfer

3254 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.cj.com/member/signup/publisher/?cid=2120189
Title: Become an Affiliate

Search URL Search Domain Scan URL

URL: http://blog.checksinthemail.com/
Title: Blogs

Search URL Search Domain Scan URL

URL: http://www.bbb.org/central-texas/business-reviews/checks-printing/checks-in-the-mail-inc-in-new-braunfels-tx-28222#sealclick
Title:

Search URL Search Domain Scan URL

URL: https://www.cpsa-checks.org/i4a/pages/index.cfm?pageid=1
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tr.subscribermail.com/cc.cfm?sendto=http:%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&tempid=9e06e905c07942949c76f9ca20de27d8&mailid=39ed08b6dd7743bfaffa87e96237120b0 HTTP 302
http://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1 HTTP 301
https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://harlandclarke.d1.sc.omtrdc.net/b/ss/hccitm/1/H.24.1/s34440291228406?AQB=1&ndh=1&t=16%2F9%2F2020%2019%3A48%3A6%205%20-120&ce=UTF-8&ns=harlandclarke&pageName=line%20-%20Disney%20Micro%20Site%20Checks%20Page&g=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&cc=USD&ch=Consumer&server=secure.checksinthemail.com(SA1W-WEBQE2-P1)&pageType=line&v0=MLMM91-1&c1=Consumer%3ADisney%20Micro%20Site%20Checks%20Page&c2=Consumer%3ADisney%20Micro%20Site%20Checks%20Page&c4=Consumer&v10=New&v14=Friday%20-%2012%3A30PM&v22=194.99.105.99&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://harlandclarke.d1.sc.omtrdc.net/b/ss/hccitm/1/H.24.1/s34440291228406?AQB=1&pccr=true&vidn=2FC4EE6B8515E835-60000AC90FEB3CD0&ndh=1&t=16%2F9%2F2020%2019%3A48%3A6%205%20-120&ce=UTF-8&ns=harlandclarke&pageName=line%20-%20Disney%20Micro%20Site%20Checks%20Page&g=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&cc=USD&ch=Consumer&server=secure.checksinthemail.com(SA1W-WEBQE2-P1)&pageType=line&v0=MLMM91-1&c1=Consumer%3ADisney%20Micro%20Site%20Checks%20Page&c2=Consumer%3ADisney%20Micro%20Site%20Checks%20Page&c4=Consumer&v10=New&v14=Friday%20-%2012%3A30PM&v22=194.99.105.99&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 37

https://8332934.fls.doubleclick.net/activityi;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1 HTTP 302
https://8332934.fls.doubleclick.net/activityi;dc_pre=CIa3mvDVuewCFUwFiwodzsMOkw;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1

Request Chain 38

https://8332934.fls.doubleclick.net/activityi;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1 HTTP 302
https://8332934.fls.doubleclick.net/activityi;dc_pre=CPy4mvDVuewCFRafdwodhYANKg;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set index_promo.aspx Show response
secure.checksinthemail.com/
Redirect Chain

http://tr.subscribermail.com/cc.cfm?sendto=http:%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&tempid=9e06e905c07942949c76f9ca20de27d8&mailid=39ed08b6dd7743bfaffa87e96237120b0
http://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

157 KB
48 KB

989ms
342ms

Document
text/html

12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

392bcb55c7117d98455315699ae313f9f69871c7a233aa070044c7f5544d451f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: secure.checksinthemail.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Pragma: No-cache
Content-Type: text/html; charset=iso-8859-1
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=wvfap5lyzweecpww1rh3cyz1; path=/; secure; HttpOnly; SameSite=None AdCode=AdCode=MLMM91-1; expires=Fri, 23-Oct-2020 17:48:05 GMT; path=/; secure; HttpOnly sessioncookie=!MRm1NzGUk7hHbFKk4IxrpTSVVWLgo/6hoNQRiC/b1VXeK4w9x5sfYVFJPdMwdZClMiH2BXJwmktx7NY1kCGHgZX8iRHm75d/KyWHMVwhQg==; path=/; Httponly; Secure
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-FRAME-OPTIONS: SAMEORIGIN
Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Length: 48512

Redirect headers

Location: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 rhd4ymf.js Show response
use.typekit.net/ 19 KB
7 KB 120ms
116ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/rhd4ymf.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

b4ef08bab839579149b00ec509adfa67e9e9980eceeaf81ece8642e79e684e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Fri, 16 Oct 2020 17:48:06 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7029

GET
H/1.1 200
OK citm.css
secure.checksinthemail.com/includes/css/ 170 KB
29 KB 462ms
184ms Stylesheet
text/css 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/css/citm.css

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

99a6c572563af70247cb0deeba29abcd19e6c7fb613f3a2dac15f4cf8937a7ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 14 Nov 2018 15:25:22 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "01d1b422e7cd41:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 29082

GET
H/1.1 200
OK paymentGateway.css
secure.checksinthemail.com/includes/css/ 162 B
565 B 546ms
177ms Stylesheet
text/css 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/css/paymentGateway.css

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

6af08e08f76e0d025ecaf3c179e8188259b60bcaaad7063a1353da536de1d297

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 22 Mar 2016 12:37:17 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "285ae3913784d11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK respond.min.js Show response
secure.checksinthemail.com/includes/javascript/ 4 KB
2 KB 549ms
180ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/javascript/respond.min.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

82069c15edd6943dfaa59f5ac3f6acc86fd44a28fe925e410ccdcadec194a8ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 22 Mar 2016 12:37:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8029b7923784d11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2222

GET
H/1.1 200
OK HeadTag.js Show response
secure.checksinthemail.com/includes/javascript/ 4 KB
2 KB 555ms
181ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/javascript/HeadTag.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

4e37907ee5d438fb86816439efd8cad23d2360fc05220da325b608980aaa0d60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 30 May 2016 02:02:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "019ca5417bad11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1653

GET
H/1.1 200
OK citm.min.js Show response
secure.checksinthemail.com/includes/javascript/ 147 KB
46 KB 561ms
183ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/javascript/citm.min.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

40ac7d22b8cffe622d6b87c85480f6f3d06dd11dc6560954a6873b98daf5d88c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 24 Feb 2017 19:26:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0a666f3d38ed21:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 46398

GET
H/1.1 200
OK jquery.easing.1.3.js Show response
secure.checksinthemail.com/includes/javascript/ 8 KB
2 KB 564ms
184ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/javascript/jquery.easing.1.3.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

967bcf0d949317261b1460ae7a27b35ae9e95256b6fccff96695e77feee899fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 22 Mar 2016 12:37:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8029b7923784d11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2049

GET
H/1.1 200
OK jquery.cookie.js Show response
secure.checksinthemail.com/includes/javascript/ 2 KB
1 KB 192ms
189ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/javascript/jquery.cookie.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 22 Mar 2016 12:37:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8f11f933784d11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 876

GET
H/1.1 200
OK mtagconfig.js Show response
secure.checksinthemail.com/includes/javascript/ 2 KB
1 KB 646ms
176ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/javascript/mtagconfig.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e2262d06f403b5a8d65358fd91203d7195778dfd00760adb2c774488733960bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 16 Aug 2017 18:20:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "232f495dbc16d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 962

GET
H/1.1 200
OK FlashEmbed.js Show response
secure.checksinthemail.com/includes/javascript/ 2 KB
1 KB 717ms
171ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/javascript/FlashEmbed.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b71538ac45b767065d48a515a6465debd7dffa58b97f6e62ae0b12cbbe06c30f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 15 Nov 2017 15:56:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6efd4b472a5ed31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 788

GET
H/1.1 200
OK spin.js Show response
secure.checksinthemail.com/includes/javascript/ 12 KB
5 KB 731ms
182ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/javascript/spin.js?cb=25

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

340029011faca058e2c63e9b166a306a51735b8ace162d00f1244eeb98c27cf3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 15 Sep 2016 12:44:54 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "5b14f54efd21:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4994

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 20 KB
7 KB 204ms
66ms Script
application/x-javascript 99.86.243.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.86 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-86.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9131bd361b2b3232941ec23c687d43c06a5f3e423108fe32f0febba595619636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 11:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 6529
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Sep 2020 08:28:23 GMT
server: AmazonS3
etag: "9f742513a6d446a4d385521586461cf1"
content-type: application/x-javascript
via: 1.1 315b8dfb52e5c49bd834510b0301e939.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: LHGlozlPKrO89mmA6iq9QSdrczy6xgXHvxN5qNg6-hWYDvr4EAw-9A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1628616-1

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f624fbae6a240881774731c556417c44ac66eabbd746ff4ed0e61d4ce71b2184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:06 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37885
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Oct 2020 17:48:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 26ms
23ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8332934

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c45bc268461029602604f7a88c66f28b4acfed299737dee299b35f4ec7afc607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:06 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Oct 2020 17:48:06 GMT

GET
H/1.1 200
OK siteCatalyst.js Show response
secure.checksinthemail.com/Includes/Javascript/ 33 KB
13 KB 734ms
180ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/Includes/Javascript/siteCatalyst.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

9408796b380093b3020bba8a4a0b6b480c75ab52a6c7e3e5b8531b72bc04ead8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 23 Mar 2016 21:13:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80d1cce54885d11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 13331

GET
H/1.1 200
OK WebResource.axd Show response
secure.checksinthemail.com/ 23 KB
6 KB 474ms
187ms Script
application/x-javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/WebResource.axd?d=ceG4MoxUfHzZorI72Uvkjd2_3sVJ7-WVvt624ogSn1tNHwnS6wMxxERZumOlr61g9f7myu35_dz3c5ow8djE7YmjbHo1&t=637290609560000000

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 30 Jun 2020 01:55:56 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 6007
Expires: Sat, 16 Oct 2021 08:27:37 GMT

GET
H/1.1 200
OK jquery.lazyload.min.js Show response
secure.checksinthemail.com/includes/JavaScript/ 3 KB
1 KB 184ms
181ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/JavaScript/jquery.lazyload.min.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a75f877e4bad8501221e14c65bc17a2850f7406cae7903e8839f2be5d281f20d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 22 Mar 2016 12:37:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8029b7923784d11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1143

GET
H/1.1 200
OK Disney_micro_banner2.jpg
secure.checksinthemail.com/images/ 50 KB
50 KB 201ms
198ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/Disney_micro_banner2.jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

31f87cff4bedcb80d674d677dc6d397f9073c8d245502fc70015914fe17340f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Last-Modified: Wed, 10 Mar 2010 21:50:16 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "411794ab9bc0ca1:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 51408

GET
H/1.1 200
OK blank.gif
secure.checksinthemail.com/images/ 43 B
318 B 181ms
180ms Image
image/gif 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/blank.gif

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Last-Modified: Tue, 16 Nov 2010 16:04:33 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d3b755f5a785cb1:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK blue-seal-96-50-checksinthemailinc-28222.png
secure.checksinthemail.com/images/ 2 KB
2 KB 185ms
184ms Image
image/png 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/blue-seal-96-50-checksinthemailinc-28222.png

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

d2f341ecc14ae0073e3228d3f4cb87866b7b351078faa9b0146bc856fbb65548

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Last-Modified: Mon, 21 Feb 2011 17:25:28 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "47282e55ecd1cb1:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2054

GET
H/1.1 200
OK cpsa.gif
secure.checksinthemail.com/images/ 2 KB
2 KB 188ms
187ms Image
image/gif 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/cpsa.gif

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

509eb5008d607b4229d2151648dedc363a66a451de26ae44ec13a270efe6a571

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Last-Modified: Thu, 15 Apr 2004 18:37:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0f045af1823c41:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 1910

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
886 B 287ms
130ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=11600

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 16 Oct 2020 17:48:07 GMT

GET
H2 200 urchin.js Show response
ssl.google-analytics.com/ 22 KB
7 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/urchin.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 12:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 18080
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Fri, 30 Oct 2020 12:46:47 GMT

GET
H/1.1 200
OK i2a.js Show response
secure.checksinthemail.com/includes/JavaScript/ 2 KB
1 KB 194ms
191ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/JavaScript/i2a.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

4c78fc78e0615a68b39b1a0cfb2cb6bc508d064c7502b661a8d9d7f96607b838

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 22 Mar 2016 12:37:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c8a811933784d11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 815

GET
H/1.1 200
OK ntpagetag.js Show response
secure.checksinthemail.com/includes/JavaScript/ 11 KB
5 KB 191ms
189ms Script
application/javascript 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/JavaScript/ntpagetag.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

08bd7d4fa1289063f1d71c29a48ce5820393352614d4ce4eb080e0d9a80d7467

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 23 Mar 2016 21:13:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7d59c5e54885d11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4843

GET
H2 200 api.min.js Show response
a.optnmnstr.com/app/js/ 209 KB
62 KB 214ms
67ms Script
application/javascript 23.111.9.213
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.optnmnstr.com/app/js/api.min.js
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.213 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 91cc02b1af08dc8d0ad14ef5d7ac374970890f83cb7349e922d15b9c2acfab74

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 16:40:03 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 428D93E90A50C8D7
etag: W/"e58615e713f20f88fa583609b861537c"
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
access-control-allow-origin: *
x-amz-id-2: n9bG4h9g3EMI0SANyeZ6C9u45avpQcj9BfFIC0j0A8/PGfYGouN6De3JRnlX5w8P9HLU4I668Bg=
expires: Mon, 11 Oct 2021 17:48:07 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 229ms
85ms Script
application/javascript 99.86.245.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.245.136 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-245-136.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2acc01fc8a5dbd8dd1e85d9c5ecd64e8ec1dc3326c18a704c172d1c2ec3a672

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:36:32 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 15:38:41 GMT
server: AmazonS3
age: 696
etag: "099bb3519bf5b16687a280da5eeadf81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: H547OzNjl2H3gugiQgeKnL_OEnP0tzn9p-wDa250pndCA788EQqaSQ==
via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)

GET
H2 200 i.js Show response
tag.bounceexchange.com/2158/ 15 KB
5 KB 285ms
163ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/2158/i.js
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: a776d3ca96c384cafbef00aba8b430703efe63ce1abcb267f77b211082e79c01

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:06 GMT
content-encoding: gzip
server: fasthttp
age: 1
etag: 7c93e9104827df
content-type: text/plain; charset=utf-8
status: 200
cache-control: public, max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 4689
via: 1.1 google

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 18 KB
7 KB 227ms
68ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=46818851
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: gzip
last-modified: Tue, 21 Aug 2018 07:47:45 GMT
server: ws
etag: "5b7bc3a1-198d"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 6541

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: Cq4IhGnroWri5gzCPh4NLDAl5UyjYUjplHiZNMkqAmWrg7Chy7LrByUtEBYRGoU/SV9oWaXNKEk4i6DYg8H9Lg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 16 Oct 2020 17:48:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 51ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 16 Oct 2020 17:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1510
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: B452A184C0C459DF
x-amz-id-2: RWlOCtRYAIHXiB3vsU9zP0lrU0TEXiBNV/8qHHzTxgglsYPEp4vEMhmdixD0QvmRugHFinrp9/w=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5581
content-type: application/javascript
expires: Fri, 16 Oct 2020 17:27:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 45ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:06 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 02:14:47 GMT
x-msedge-ref: Ref A: FB8AB63256E74637A368A6A1BCF6D83C Ref B: FRAEDGE1518 Ref C: 2020-10-16T17:48:07Z
status: 200
etag: "80553cb189dd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8318

GET
H2

200

s34440291228406
harlandclarke.d1.sc.omtrdc.net/b/ss/hccitm/1/H.24.1/
Redirect Chain

https://harlandclarke.d1.sc.omtrdc.net/b/ss/hccitm/1/H.24.1/s34440291228406?AQB=1&ndh=1&t=16%2F9%2F2020%2019%3A48%3A6%205%20-120&ce=UTF-8&ns=harlandclarke&pageName=line%20-%20Disney%20Micro%20Site%...
https://harlandclarke.d1.sc.omtrdc.net/b/ss/hccitm/1/H.24.1/s34440291228406?AQB=1&pccr=true&vidn=2FC4EE6B8515E835-60000AC90FEB3CD0&ndh=1&t=16%2F9%2F2020%2019%3A48%3A6%205%20-120&ce=UTF-8&ns=harland...

43 B
300 B

68ms
68ms

Image
image/gif

15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://harlandclarke.d1.sc.omtrdc.net/b/ss/hccitm/1/H.24.1/s34440291228406?AQB=1&pccr=true&vidn=2FC4EE6B8515E835-60000AC90FEB3CD0&ndh=1&t=16%2F9%2F2020%2019%3A48%3A6%205%20-120&ce=UTF-8&ns=harlandclarke&pageName=line%20-%20Disney%20Micro%20Site%20Checks%20Page&g=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&cc=USD&ch=Consumer&server=secure.checksinthemail.com(SA1W-WEBQE2-P1)&pageType=line&v0=MLMM91-1&c1=Consumer%3ADisney%20Micro%20Site%20Checks%20Page&c2=Consumer%3ADisney%20Micro%20Site%20Checks%20Page&c4=Consumer&v10=New&v14=Friday%20-%2012%3A30PM&v22=194.99.105.99&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
x-content-type-options: nosniff
x-c: master-1397.I728fb3.M0-462
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 17 Oct 2020 17:48:07 GMT
server: jag
xserver: anedge-7b84d8c678-hftkz
etag: 3442138160779591680-4621725829556188352
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 15 Oct 2020 17:48:07 GMT

Redirect headers

date: Fri, 16 Oct 2020 17:48:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
x-c: master-1397.I728fb3.M0-462
p3p: CP="This is not a P3P policy"
status: 302
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 17 Oct 2020 17:48:07 GMT
server: jag
xserver: anedge-7b84d8c678-p655w
content-type: text/plain;charset=utf-8
location: https://harlandclarke.d1.sc.omtrdc.net/b/ss/hccitm/1/H.24.1/s34440291228406?AQB=1&pccr=true&vidn=2FC4EE6B8515E835-60000AC90FEB3CD0&ndh=1&t=16%2F9%2F2020%2019%3A48%3A6%205%20-120&ce=UTF-8&ns=harlandclarke&pageName=line%20-%20Disney%20Micro%20Site%20Checks%20Page&g=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&cc=USD&ch=Consumer&server=secure.checksinthemail.com(SA1W-WEBQE2-P1)&pageType=line&v0=MLMM91-1&c1=Consumer%3ADisney%20Micro%20Site%20Checks%20Page&c2=Consumer%3ADisney%20Micro%20Site%20Checks%20Page&c4=Consumer&v10=New&v14=Friday%20-%2012%3A30PM&v22=194.99.105.99&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 15 Oct 2020 17:48:07 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
secure.checksinthemail.com/includes/fonts/bootstrap/ 18 KB
18 KB 189ms
189ms Font
application/font-woff2 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checksinthemail.com/includes/fonts/bootstrap/glyphicons-halflings-regular.woff2

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/css/citm.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/includes/css/citm.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
Last-Modified: Tue, 10 May 2016 22:28:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "066973cbabd11:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/font-woff2
Accept-Ranges: bytes
Content-Length: 18028

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/ 35 B
392 B 28ms
14ms Image
image/gif 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=816105454&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Disney%20Character%20Personal%20Checks%20%7C%20Checks%20In%20The%20Mail&utmhn=secure.checksinthemail.com&utmhid=1943336694&utmr=-&utmp=/index_promo.aspx?code=MLMM91-1&utmac=UA-1628616-1&utmcc=__utma%3D267864076.816105454.1602870487.1602870487.1602870487.1%3B%2B__utmz%3D267864076.1602870487.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 18:03:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85478
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1946
date: Fri, 16 Oct 2020 17:15:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 16 Oct 2020 19:15:41 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8332934&l=dataLayer&cx=c

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5934f2ecc0bb272607a413166ec3271055aeb290053737ab3fb2867f42ad5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37897
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Oct 2020 17:48:07 GMT

GET
H3-Q050

200

activityi;dc_pre=CIa3mvDVuewCFUwFiwodzsMOkw;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.a...
8332934.fls.doubleclick.net/ Frame CDA4
Redirect Chain

https://8332934.fls.doubleclick.net/activityi;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo...
https://8332934.fls.doubleclick.net/activityi;dc_pre=CIa3mvDVuewCFUwFiwodzsMOkw;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure...

0
0

129ms
74ms

Document
text/html

216.58.205.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8332934.fls.doubleclick.net/activityi;dc_pre=CIa3mvDVuewCFUwFiwodzsMOkw;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8332934

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f230.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8332934.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIa3mvDVuewCFUwFiwodzsMOkw;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 16 Oct 2020 17:48:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 413
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 18:03:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 16 Oct 2020 17:48:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8332934.fls.doubleclick.net/activityi;dc_pre=CIa3mvDVuewCFUwFiwodzsMOkw;src=8332934;type=pagev0;cat=up01;ord=4653753076420;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CPy4mvDVuewCFRafdwodhYANKg;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_prom...
8332934.fls.doubleclick.net/ Frame 864A
Redirect Chain

https://8332934.fls.doubleclick.net/activityi;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_pr...
https://8332934.fls.doubleclick.net/activityi;dc_pre=CPy4mvDVuewCFRafdwodhYANKg;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsec...

0
0

128ms
75ms

Document
text/html

216.58.205.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8332934.fls.doubleclick.net/activityi;dc_pre=CPy4mvDVuewCFRafdwodhYANKg;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8332934

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f230.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8332934.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPy4mvDVuewCFRafdwodhYANKg;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 16 Oct 2020 17:48:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 415
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 18:03:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 16 Oct 2020 17:48:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8332934.fls.doubleclick.net/activityi;dc_pre=CPy4mvDVuewCFRafdwodhYANKg;src=8332934;type=pagev0;cat=adclk01;ord=8915722104250;gtm=2od9u1;auiddc=1730283170.1602870487;~oref=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET goat.php
www.ic-live.com/ 0
0

GET ntpagetag.gif
pt000170.unica.com/ 0
0

GET
H2 200 l
use.typekit.net/af/3fb4ba/000000000000000000014767/27/ 43 KB
43 KB 37ms
13ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3fb4ba/000000000000000000014767/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n7&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 7b0269e7d0f94d45f4e19691bd564a72d78e649be44c07a5311bb17d12b35a33

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "33f5369eba6e7676f16a17ad86583c4151ad4502"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 43592

GET
H2 200 l
use.typekit.net/af/c5635c/000000000000000000015891/27/ 22 KB
22 KB 40ms
17ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c5635c/000000000000000000015891/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: db49e712e015e63beb9cea408086b680e7f2ad5e6d52c989e390b4687bf111ee

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "6110c5c8fc0ecf8dc9c5e565a64c2de4248b904c"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 22060

GET
H2 200 l
use.typekit.net/af/8254f0/000000000000000000015892/27/ 23 KB
23 KB 40ms
17ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8254f0/000000000000000000015892/27/l?subset_id=2&fvd=i4&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 9b69701e9f614c14dfdc3386807175948810bcedb8675d1c2cd1191626843519

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "e896ce026e8330f6401eda929474915138834616"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23068

GET
H2 200 l
use.typekit.net/af/a6803e/000000000000000000015893/27/ 22 KB
22 KB 35ms
12ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a6803e/000000000000000000015893/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: eb5baf160cbd0646721bdbc631519044223c01746b2d18ea19caff981aee6f7f

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "8643b5ab7a706226461b7d0cb5eb924b036bf9d6"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 22488
x-akamai-path-stats: [1:110:890]

GET
H2 200 l
use.typekit.net/af/c80a33/000000000000000000015894/27/ 23 KB
23 KB 116ms
93ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c80a33/000000000000000000015894/27/l?subset_id=2&fvd=i5&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 52b2cfc922f8fd4afac0314688e04cb96b11897dc05b7b200e6b3558a3ccf99e

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "b6861953d3a92f644ec3c576c48abc6d016b368d"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23652
x-akamai-path-stats: [1:171:829]

GET
H2 200 l
use.typekit.net/af/dabff9/00000000000000000001588f/27/ 22 KB
22 KB 30ms
8ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dabff9/00000000000000000001588f/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: ba298842b10c4ea875fec652a5de0211a5765947216cbc2b1d87bf6cdeb4de50

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "030b9501f208bee8a9f3d03f29d9fef48520a96b"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 22224
x-akamai-path-stats: [3:106071:6929],[1:7892:4294960404]

GET
H2 200 l
use.typekit.net/af/600d5d/000000000000000000015890/27/ 23 KB
23 KB 30ms
8ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/600d5d/000000000000000000015890/27/l?subset_id=2&fvd=i3&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: d21bc590e5cd26c66db3d97fc56903d3600772fa3c24be9c2965a2e5f4ab53c1

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "c545863dc43a334658473740efaa2010dfea143d"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23368

GET
H2 200 l
use.typekit.net/af/db612c/000000000000000000015895/27/ 23 KB
23 KB 29ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/db612c/000000000000000000015895/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1269e5a2c9213b6b2159a45778f77203fb67af039cff192694f676bc70af17bb

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "967e1e1a6f43074e31149b3830f0e451d48125f0"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23152
x-akamai-path-stats: [1:122:878]

GET
H2 200 l
use.typekit.net/af/3297b1/000000000000000000015896/27/ 23 KB
24 KB 27ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3297b1/000000000000000000015896/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: a612dcc22ce16c9a4f105bbada3bf22a75d8efb3839f07f592f62e41d6c4d1eb

Request headers

Origin: https://secure.checksinthemail.com
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
server: nginx
etag: "078c10706a817ada079aa1e6af9011d95dff1f95"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23964
x-akamai-path-stats: [1:229:771]

GET
H2 200 175472153751412 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/175472153751412?v=2.9.27&r=stable

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70ca570305a38be2e2994376835075f2bc0ac656756e8eca18ea13779035837d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: wMG2Ubv9ebQ3b0PKMXwhJlTEwNTHxjbYZc+1X1jaPYw8XR51Wz80bjjkWnJNEpAZeXnJ9dzN8zfG9wlWTQ4gzA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 16 Oct 2020 17:48:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 127 B
836 B 288ms
155ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&s=67324

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14d71cbd5b38f01f54bd33b8a89d1d0762eb8afde2fdbd518383b6a9dedac046

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 05d41fc1b900001e91fe84c000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=20&lkg-time=1602870488"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://secure.checksinthemail.com
access-control-allow-credentials: true
cf-ray: 5e339be2cad31e91-AMS
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 11600.json Show response
s.yimg.com/wi/config/ 2 B
493 B 159ms
125ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/11600.json

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 6E4892F7BBF84D10
x-amz-id-2: hoex+aOoxAvSHI0YZxZmWzjlrsODSk4O3lONYqFzv1vAuAP2MyJvtjkj2ha2IKtMUoah3ShacgM=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 204 0
bat.bing.com/action/ 0
170 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5282837&Ver=2&mid=28d6041e-c74f-497a-b8b3-ab60f161ac05&sid=bfb39c200fd711eb81d7a34d05e0e553&vid=bfb435800fd711ebb5fc9b6a27e31c83&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Disney%20Character%20Personal%20Checks%20%7C%20Checks%20In%20The%20Mail&p=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&r=&lt=2905&evt=pageLoad&msclkid=N&sv=1&rn=725147
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 16 Oct 2020 17:48:07 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 53D3395928034814A8CD71A3C97AA7A2 Ref B: FRAEDGE1518 Ref C: 2020-10-16T17:48:07Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
73 B 14ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1943336694&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&ul=en-us&de=windows-1252&dt=Disney%20Character%20Personal%20Checks%20%7C%20Checks%20In%20The%20Mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=267864076.816105454.1602870487.1602870487.1602870487.1&_utmz=267864076.1602870487.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1602870487378&_u=oSBCAUABAAAAAC~&jid=657956994&gjid=791160421&cid=816105454.1602870487&tid=UA-1628616-1&_gid=1046589379.1602870487&_r=1&cd2=&gtm=2ou9u1&z=1392497988

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 17:48:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.checksinthemail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17558 Show response
api.omappapi.com/v2/embed/ 3 KB
2 KB 327ms
189ms XHR
application/json 99.86.243.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/17558
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-32.vie50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: cac870a27bac2efc159d2f96b87aec5d2d489aee5bcf79c927481ba64ddff185

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: VIE50-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
status: 200
access-control-allow-headers: X-CSRF-Token
x-optinmonster-account: 2530
x-user-agent: standard--
last-modified: Thu, 27 Sep 2018 19:35:53 GMT
server: Pagely Gateway/1.5.1
etag: W/"4495d7c7e45cc3278b74a55c4875cf47"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: 9Lf-XQVq1xOvcQ3hr2pLeCAuEDaX1E85YUngbWoQYYCTJMtcPcTusQ==
expires: Fri, 16 Oct 2020 17:41:22 GMT

GET
H2 200 17558 Show response
api.omappapi.com/v2/embed/ 3 KB
2 KB 310ms
191ms XHR
application/json 99.86.243.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/17558
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-32.vie50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: cac870a27bac2efc159d2f96b87aec5d2d489aee5bcf79c927481ba64ddff185

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: VIE50-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
status: 200
access-control-allow-headers: X-CSRF-Token
x-optinmonster-account: 2530
x-user-agent: standard--
last-modified: Thu, 27 Sep 2018 19:35:53 GMT
server: Pagely Gateway/1.5.1
etag: W/"4495d7c7e45cc3278b74a55c4875cf47"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: tT4IkEEx7X_nMfcCWMKzJaNlNXaRbaHPh83ylgjFao-7w1J_lIy9pA==
expires: Fri, 16 Oct 2020 17:41:22 GMT

GET
H2 200 ijs_all_modules_1d1ad65e074ab9de6345bd93d9f10fc2.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 457 KB
108 KB 54ms
32ms Script
text/javascript 2606:4700:10::6816:47ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_1d1ad65e074ab9de6345bd93d9f10fc2.js
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:47ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6ca9f0e1660e86a3de43d6a367e24f8e63de4f8a17bd742235a09c50a17833c

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 86173
x-guploader-uploadid: ABg5-UxnK2X8GslCWuJYHhcNhBTw6klQLXtQcKwLtzI97zKsVx3WlbXQYgBXmOmFPNerWdu6Q-ToagaK6pSLbRfSiws9HMXalQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 109581
cf-request-id: 05d41fc1a80000c2eaaf15d000000001
last-modified: Thu, 15 Oct 2020 17:51:50 GMT
server: cloudflare
etag: "a528235cd4a1cd219954b984ac1a065b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=CNaY9g==, md5=pSgjXNShzSGZVLmErBoGWw==
x-goog-generation: 1602784310574617
access-control-allow-origin: *
content-type: text/javascript
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 109581
accept-ranges: bytes
cf-ray: 5e339be2ad1ac2ea-FRA
expires: Fri, 15 Oct 2021 17:51:53 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
97 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-1628616-1&cid=816105454.1602870487&jid=657956994&gjid=791160421&_gid=1046589379.1602870487&_u=oSBCAUAAAAAAAC~&z=1623024081

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Oct 2020 17:48:07 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.checksinthemail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
182 B 31ms
9ms Image
image/gif 2a02:26f0:10c:5a4::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=rhd4ymf&ht=tk&h=secure.checksinthemail.com&f=22488.22489.22490.22491.22492.22493.22494.22495.22496&a=3897140&js=1.20.0&app=typekit&e=js&_=1602870487463
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
last-modified: Wed, 24 Jun 2020 21:05:53 GMT
server: nginx
etag: "5ef3c031-23"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 30ms
30ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-1628616-1&cid=816105454.1602870487&jid=657956994&_u=oSBCAUAAAAAAAC~&z=1258209290

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 17:48:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 31ms
31ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-1628616-1&cid=816105454.1602870487&jid=657956994&_u=oSBCAUAAAAAAAC~&z=1258209290

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 17:48:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=175472153751412&ev=PageView&dl=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&rl=&if=false&ts=1602870487499&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602870487497.902975444&it=1602870487311&coo=false&rqm=GET

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Oct 2020 17:48:07 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 87ms
87ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2016%20Oct%202020%2017%3A48%3A07%20GMT&n=-2d&b=Disney%20Character%20Personal%20Checks%20%7C%20Checks%20In%20The%20Mail&.yp=11600&f=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&enc=windows-1252&tagmgr=gtm

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:07 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 16 Oct 2020 17:48:07 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/46818851/configuration/applications/taglets/ 250 KB
90 KB 92ms
92ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/46818851/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: f449b919c29c912127ef7d84af7c11a1102610a2b942eb84807e4eaac023a792

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame CE05 0
0 36ms
36ms Document
text/html 2606:4700:10::6816:47ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:47ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: assets.bounceexchange.com
:scheme: https
:path: /assets/bounce/local_storage_frame16.min.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Response headers

status: 200
date: Fri, 16 Oct 2020 17:48:07 GMT
content-type: text/html
set-cookie: __cfduid=d8eeda81dca9fd1cf9914be582027a1461602870487; expires=Sun, 15-Nov-20 17:48:07 GMT; path=/; domain=.bounceexchange.com; HttpOnly; SameSite=Lax
x-guploader-uploadid: ABg5-Uz2CpeE1lG0WTBHwnXJEWJRdyk14cXiFqD_moQhfsEiI_QUhN6XmM2gq2uc5N1sAupTnjBfy-EPMo4k9SsGctZQeqM9IQ
expires: Sat, 16 Oct 2021 17:26:20 GMT
last-modified: Thu, 15 Oct 2020 17:06:27 GMT
x-goog-generation: 1602781587593984
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1055
x-goog-hash: crc32c=8dCs7w== md5=f/nX2jyKdQRoo/AqX5LCJQ==
x-goog-storage-class: MULTI_REGIONAL
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 1307
cache-control: public,max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 05d41fc1ee0000c2ead0250000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5e339be31dfbc2ea-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/46818851/configuration/setting/accountproperties/ 4 KB
1 KB 103ms
33ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/46818851/configuration/setting/accountproperties/?cb=lpCb59890x66236
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 252c3f2cc29c8b9509201994bcd2ad7ef6d064cdb81aa3750f6122b980c5f884

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Fri, 16 Oct 2020 17:49:07 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/46818851/configuration/le-campaigns/ 9 KB
1 KB 98ms
32ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/46818851/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 59cd5ceebe3d3ec9f2a0636baa8d9c7e9cdf4a73d9424caefa6c8ca953343796

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:07 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Fri, 16 Oct 2020 17:49:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=175472153751412&ev=Microdata&dl=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&rl=&if=false&ts=1602870489002&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Disney%20Character%20Personal%20Checks%20%7C%20Checks%20In%20The%20Mail%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1602870489001.1722719218&it=1602870487311&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Oct 2020 17:48:09 GMT

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/ Frame F98E 0
0 99ms
21ms Document
text/html 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fsecure.checksinthemail.com&site=46818851&env=prod
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fsecure.checksinthemail.com&site=46818851&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1

Response headers

status: 200
date: Fri, 16 Oct 2020 17:48:09 GMT
content-type: text/html
last-modified: Mon, 30 Mar 2020 14:49:28 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Fri, 16 Oct 2020 17:58:09 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/ 37 KB
15 KB 21ms
21ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.js?loc=https%3A%2F%2Fsecure.checksinthemail.com&site=46818851&force=1&env=prod
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 90db019114bcb830c53464def2150205998e91e2f57435919648a90bde2a9805

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:09 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 14:49:28 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 16 Oct 2020 17:58:09 GMT

GET
H2 200 46818851 Show response
va.v.liveperson.net/api/js/ 604 B
1 KB 1501ms
1018ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/46818851?&cb=lpCb41323x17698&t=sp&ts=1602870487696&pid=1102558136&tid=920038916&pt=Disney%20Character%20Personal%20Checks%20%7C%20Checks%20In%20The%20Mail&u=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 1957dbfc2c7f6be1b3c96831ca5b093bd136d468e5f06c5ab664bab6512fc6a7

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 slider.js Show response
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 7 KB
3 KB 22ms
21ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/slider.js?_v=3.42.0.2-release_5022
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 65b9b19b1c99e6899dbbc1441da63815315a6b41e6f2213f8f40a5f0b247202a

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 12:50:18 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 16 Oct 2020 17:58:11 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 30 KB
12 KB 22ms
22ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 12:50:18 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 16 Oct 2020 17:58:11 GMT

GET
H2 200 476 Show response
accdn.lpsnmedia.net/api/account/46818851/configuration/le-campaigns/campaigns/242685214/engagements/242685314/revision/ 5 KB
1 KB 35ms
34ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/46818851/configuration/le-campaigns/campaigns/242685214/engagements/242685314/revision/476?v=3.0&cb=lp242685314&flavor=dependency
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d3be4f6fa97d7951e27b70611616a405817ac72cb21856c6902a622b4efb4ace

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Fri, 16 Oct 2020 17:49:11 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/46818851/configuration/setting/accountproperties/ 4 KB
1 KB 17ms
16ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/46818851/configuration/setting/accountproperties/?cb=lpCb84754x10027
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 7cf0b66964297902bd043f8d4b47e5e456627af7a969ac56131d587d34673dd5

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Fri, 16 Oct 2020 17:49:07 GMT

GET
H2 200 46818851 Show response
va.v.liveperson.net/api/js/ 111 B
852 B 259ms
258ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/46818851?sid=l0-gHpkvTYClVu8xpG3Ohw&cb=lpCb71249x62497&t=pl&ts=1602870489899&pid=1102558136&tid=920038916&vid=NjOWQ3ZDhlYzNkYWRjMzky
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: c25593a1f6c821232ad51fb2f6913aadd3e9eef38312a203d1ef1ff2f4193f7b

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 240215714 Show response
accdn.lpsnmedia.net/api/account/46818851/configuration/engagement-window/window-confs/ 3 KB
1 KB 19ms
19ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/46818851/configuration/engagement-window/window-confs/240215714?cb=lpCb74779x78499
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d0efa7c1b6d16759f1ac5d24ca3248d9995f53317af77cdb9937dcc799c4d41a

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Fri, 16 Oct 2020 17:49:11 GMT

GET
H2 200 slide_out_separator_s.png
lpcdn.lpsnmedia.net/gallery/libraries/content/styles/ 1017 B
2 KB 91ms
90ms Image
image/png 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpcdn.lpsnmedia.net/gallery/libraries/content/styles/slide_out_separator_s.png
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 573aeb4c0366f13cc49d974c64a17b41f0e52ef293805e902521d64e93f187d3

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
last-modified: Wed, 19 Aug 2020 12:49:34 GMT
server: ws
etag: c697737f50f7c09b9fbd4e6bc5e7b401
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: image/png
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 1017
expires: Fri, 16 Oct 2020 17:58:11 GMT

GET
H2 200 blonde_round.png
lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/ 20 KB
20 KB 93ms
92ms Image
image/png 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/blonde_round.png
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 41b6ed1823912506e6d85065c8154fe4ddb2c822f263616e4278c239073da46c

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
last-modified: Wed, 19 Aug 2020 12:49:25 GMT
server: ws
etag: 4f164ddeaf9fd4ff64f320c910f9ee80
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: image/png
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 20124
expires: Fri, 16 Oct 2020 17:58:11 GMT

GET
H2 200 small_chat_bubble.png
lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/ 1 KB
2 KB 78ms
77ms Image
image/png 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/small_chat_bubble.png
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a0a0d29bd3ebbe0e07f8addb2431cbb4b61423a69286125facb049b4ddad56a1

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
last-modified: Wed, 19 Aug 2020 12:49:26 GMT
server: ws
etag: 86567a488665b51cf0c176dceaceb884
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: image/png
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 1471
expires: Fri, 16 Oct 2020 17:58:11 GMT

GET
H2 200 slide_pin_online1252-right.png
lpcdn.lpsnmedia.net/gallery/libraries/content/slide_pins/ 3 KB
4 KB 23ms
22ms Image
image/png 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpcdn.lpsnmedia.net/gallery/libraries/content/slide_pins/slide_pin_online1252-right.png
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 5d9157add506e92953f1ec1a32c22dcbe662e9eb3b811223fe39053aedc99025

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
last-modified: Wed, 19 Aug 2020 12:49:32 GMT
server: ws
etag: 059277f2cbce930a7cd9812f2e34e292
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: image/png
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 3478
expires: Fri, 16 Oct 2020 17:58:11 GMT

GET
H2 200 46818851 Show response
va.v.liveperson.net/api/js/ 41 B
791 B 302ms
301ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/46818851?sid=l0-gHpkvTYClVu8xpG3Ohw&cb=lpCb9821x62053&t=uc&ts=1602870491564&pid=1102558136&tid=920038916&vid=NjOWQ3ZDhlYzNkYWRjMzky&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A242685214%2C%22engId%22%3A242685314%2C%22revision%22%3A476%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 456b09ebbc5c27c30602fdab69578ed889d8e5be0c4f100d2593a276d2d532dd

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:11 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 nr-spa-1184.min.js Show response
js-agent.newrelic.com/ 37 KB
14 KB 151ms
52ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:12 GMT
content-encoding: gzip
x-amz-request-id: 2960DA40456E14E6
x-cache: HIT
status: 200
content-length: 14379
x-amz-id-2: wS6r9WUVj1l5MBjRVwAJzKOEp6UXQLyE7e0btSq7fLxjMcVuqEyKg9aAEN5YMLEn5dFIloaDC2s=
x-served-by: cache-hhn4066-HHN
last-modified: Mon, 28 Sep 2020 16:34:47 GMT
server: AmazonS3
x-timer: S1602870492.096602,VS0,VE0
etag: "6b93dbf34696df852c6d69d1652851de"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2732

GET
H/1.1 200
OK JO_1-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 31 KB
31 KB 187ms
185ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/JO_1-lg.jpg.ashx?width=450&format=jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

fa2363ca700e6857e27427966fef287e8fd927877a6b989c8c3132e6167ec786

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:11 GMT
Last-Modified: Wed, 19 Feb 2020 14:28:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e1b759e730e7d51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 31695

GET
H/1.1 200
OK QL_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 30 KB
30 KB 199ms
198ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/QL_01-lg.jpg.ashx?width=450&format=jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e28480f0b199e4480e6f43ce075f0981c5a679b5b44a37f53b91be35df0c13f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:11 GMT
Last-Modified: Thu, 16 Jan 2020 18:52:01 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e04daf99eccd51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 30715

GET
H/1.1 200
OK OZ_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 31 KB
31 KB 180ms
178ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/OZ_01-lg.jpg.ashx?width=450&format=jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

2a1fb2b005105ceb03e245e82309db7093f4c6a9398cff165a89cac76a92e3a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:11 GMT
Last-Modified: Fri, 22 Nov 2019 15:10:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1df77cf446a1d51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 31932

GET
H/1.1 200
OK 6Q_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 31 KB
31 KB 198ms
196ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/6Q_01-lg.jpg.ashx?width=450&format=jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

d7173396ad34f6cce7a97c0dc5db9e74960db94ebb111c7433126ea964dd447d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:11 GMT
Last-Modified: Tue, 27 Aug 2019 18:13:55 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9bda123035dd51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 31591

GET
H/1.1 200
OK UY_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 31 KB
32 KB 184ms
183ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/UY_01-lg.jpg.ashx?width=450&format=jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

c6141d36d3e861520567fb38b977cedc831170ef4ab8fa0a797f9c8fad875caf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:11 GMT
Last-Modified: Tue, 27 Aug 2019 18:18:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "3c0dade35dd51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 32017

GET
H/1.1 200
OK 3R_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 37 KB
38 KB 181ms
180ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/3R_01-lg.jpg.ashx?width=450&format=jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1d657f092e7246d0e127aa97469f76366ba2a9d50179f6931281ed957f164dd5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:11 GMT
Last-Modified: Thu, 24 Oct 2019 13:31:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c5c022486f8ad51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 38310

GET
H/1.1 200
OK WQ_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 30 KB
31 KB 186ms
185ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/WQ_01-lg.jpg.ashx?width=450&format=jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b95d54a7bfda4625b6db1cdd2f0216570254e703f2df11e0862c5c90551309f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Wed, 20 Feb 2019 19:54:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4548b1756c9d41:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 31154

GET
H/1.1 200
OK VP_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 32 KB
32 KB 189ms
189ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/VP_01-lg.jpg.ashx?width=450&format=jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

0a086904d37a6ca046dfa1eaee58cde4a003f132a1d1f066a6ff1a1dedc09382

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Mon, 29 Oct 2018 19:32:55 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c532c230be6fd41:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 32464

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
289 B 178ms
75ms Script
text/html 35.227.229.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?tojQ=function&cts=1602870491981&tzo=-120&website_id=2158&resolution=1600x1200&referrer=&calling_url=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&visit_cookie=%7B%22lp%22%3A%22https%253A%252F%252Fsecure.checksinthemail.com%252Findex_promo.aspx%253Fcode%253DMLMM91-1%22%2C%22r%22%3A%22%22%7D&cookie=%7B%22v%22%3A%7B%22business_or_personal%22%3Afalse%2C%22items_in_cart%22%3A0%2C%22cart_value%22%3A0%2C%22previous_customer%22%3Afalse%2C%22coupon_applied%22%3Afalse%2C%22ibx_test%22%3Afalse%2C%22email_submitted%22%3Afalse%2C%22cart_set%22%3Afalse%7D%7D&vars[business_or_personal]=false&vars[is_business_pd_page]=false&vars[high_security_pd_page]=false&vars[items_in_cart]=0&vars[cart_value]=0&vars[previous_customer]=false&vars[is_deposit_ticket]=false&vars[is_check_product]=false&vars[coupon_applied]=false&vars[ibx_test]=false&vars[email_submitted]=false&vars[fraud_service_checked]=false&vars[cart_set]=false&vdef[cart_value]=0&vdef[coupon_applied]=false&vdef[ibx_test]=false&vdef[cart_set]=false&cookie_too_large=false&bp=0&etp=[]&pts=&compliance_flag=
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.229.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.229.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:12 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200
content-type: text/html; charset=UTF-8
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK 2e6d85aa73 Show response
bam.nr-data.net/1/ 57 B
275 B 595ms
149ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/2e6d85aa73?a=124778229&v=1184.ab39b52&to=MlFbMUFWWhBRUE1QDAsbeDZjGF0NVFZBZhMXW1QKHVZHE0g%3D&rst=7769&ck=1&ref=https://secure.checksinthemail.com/index_promo.aspx&ap=147&be=1854&fe=7583&dc=2894&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1602870484385,%22n%22:0,%22f%22:848,%22dn%22:849,%22dne%22:849,%22c%22:849,%22s%22:899,%22ce%22:1496,%22rq%22:1496,%22rp%22:1838,%22rpe%22:2128,%22dl%22:1841,%22di%22:2894,%22ds%22:2894,%22de%22:2905,%22dc%22:7583,%22l%22:7583,%22le%22:7596%7D,%22navigation%22:%7B%7D%7D&fp=2671&fcp=2671&jsonp=NREUM.setToken
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H/1.1 200
OK UY_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 31 KB
32 KB 301ms
185ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/UY_01-lg.jpg.ashx?width=450&format=jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/javascript/citm.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

c6141d36d3e861520567fb38b977cedc831170ef4ab8fa0a797f9c8fad875caf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Tue, 27 Aug 2019 18:18:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "3c0dade35dd51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 32017

GET
H/1.1 200
OK JO_1-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 31 KB
31 KB 307ms
183ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/JO_1-lg.jpg.ashx?width=450&format=jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/javascript/citm.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

fa2363ca700e6857e27427966fef287e8fd927877a6b989c8c3132e6167ec786

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Wed, 19 Feb 2020 14:28:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e1b759e730e7d51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 31695

GET
H/1.1 200
OK OZ_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 31 KB
31 KB 188ms
180ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/OZ_01-lg.jpg.ashx?width=450&format=jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/javascript/citm.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

2a1fb2b005105ceb03e245e82309db7093f4c6a9398cff165a89cac76a92e3a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Fri, 22 Nov 2019 15:10:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1df77cf446a1d51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 31932

GET
H/1.1 200
OK QL_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 30 KB
30 KB 194ms
194ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/QL_01-lg.jpg.ashx?width=450&format=jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/javascript/citm.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e28480f0b199e4480e6f43ce075f0981c5a679b5b44a37f53b91be35df0c13f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Thu, 16 Jan 2020 18:52:01 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e04daf99eccd51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 30715

GET
H/1.1 200
OK 3R_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 37 KB
38 KB 226ms
184ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/3R_01-lg.jpg.ashx?width=450&format=jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/javascript/citm.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1d657f092e7246d0e127aa97469f76366ba2a9d50179f6931281ed957f164dd5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Thu, 24 Oct 2019 13:31:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c5c022486f8ad51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 38310

GET
H/1.1 200
OK 6Q_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 31 KB
31 KB 237ms
182ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/6Q_01-lg.jpg.ashx?width=450&format=jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/javascript/citm.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

d7173396ad34f6cce7a97c0dc5db9e74960db94ebb111c7433126ea964dd447d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Tue, 27 Aug 2019 18:13:55 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9bda123035dd51:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 31591

GET
H/1.1 200
OK WQ_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 30 KB
31 KB 310ms
183ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/WQ_01-lg.jpg.ashx?width=450&format=jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/javascript/citm.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b95d54a7bfda4625b6db1cdd2f0216570254e703f2df11e0862c5c90551309f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Wed, 20 Feb 2019 19:54:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4548b1756c9d41:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 31154

GET
H/1.1 200
OK VP_01-lg.jpg.ashx
secure.checksinthemail.com/images/products/large/ 32 KB
32 KB 297ms
184ms Image
image/jpeg 12.190.117.102
HARLANDCLARKE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.checksinthemail.com/images/products/large/VP_01-lg.jpg.ashx?width=450&format=jpg

Requested by

Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/includes/javascript/citm.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

12.190.117.102 San Antonio, United States, ASN21945 (HARLANDCLARKE-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

0a086904d37a6ca046dfa1eaee58cde4a003f132a1d1f066a6ff1a1dedc09382

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 17:48:12 GMT
Last-Modified: Mon, 29 Oct 2018 19:32:55 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c532c230be6fd41:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Accept-Ranges: bytes
Content-Length: 32464

GET
H2 200 46818851 Show response
va.v.liveperson.net/api/js/ 73 B
823 B 236ms
236ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/46818851?sid=l0-gHpkvTYClVu8xpG3Ohw&cb=lpCb45811x23423&t=ip&ts=1602870501665&pid=1102558136&tid=920038916&vid=NjOWQ3ZDhlYzNkYWRjMzky
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: d87b5ba6a88fee5253828474dfb95c1851f31f434310c69d5add544f5fde8c9f

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 17:48:21 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 200
OK 2e6d85aa73 Show response
bam.nr-data.net/events/1/ 24 B
193 B 169ms
169ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/2e6d85aa73?a=124778229&v=1184.ab39b52&to=MlFbMUFWWhBRUE1QDAsbeDZjGF0NVFZBZhMXW1QKHVZHE0g%3D&rst=17768&ck=1&ref=https://secure.checksinthemail.com/index_promo.aspx
Requested by: Host: secure.checksinthemail.com
URL: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://secure.checksinthemail.com/index_promo.aspx?code=MLMM91-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://secure.checksinthemail.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ic-live.com
URL: https://www.ic-live.com/goat.php?cID=1559&cdid=5077&campID=8&ic_cat=&ic_type=&ic_bu=&ic_bc=&ic_ch=&ic_nso=&altid=&refVar=

Domain: pt000170.unica.com
URL: https://pt000170.unica.com/ntpagetag.gif?js=1&ts=1602870487275.629&lc=https%3A%2F%2Fsecure.checksinthemail.com%2Findex_promo.aspx%3Fcode%3DMLMM91-1&rs=1600x1200&cd=24&ln=en&tz=GMT%20%2B02%3A00&jv=0&site=ChecksInTheMail.com&qc=1

Verdicts & Comments Add Verdict or Comment

322 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.checksinthemail.com/	1970-01-19 22:00:06	Name: LPVID Value: NjOWQ3ZDhlYzNkYWRjMzky
.checksinthemail.com/	1969-12-31 23:59:59	Name: LPSID-46818851 Value: l0-gHpkvTYClVu8xpG3Ohw
.checksinthemail.com/	1970-01-19 15:24:06	Name: _fbp Value: fb.1.1602870489001.1722719218

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8332934.fls.doubleclick.net
a.optnmnstr.com
accdn.lpsnmedia.net
api.bounceexchange.com
api.omappapi.com
assets.bounceexchange.com
bam.nr-data.net
bat.bing.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
harlandclarke.d1.sc.omtrdc.net
js-agent.newrelic.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
p.typekit.net
pt000170.unica.com
s.yimg.com
secure.checksinthemail.com
settings.luckyorange.net
sp.analytics.yahoo.com
ssl.google-analytics.com
stats.g.doubleclick.net
tag.bounceexchange.com
tr.subscribermail.com
use.typekit.net
va.v.liveperson.net
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ic-live.com
pt000170.unica.com
www.ic-live.com
12.190.117.102
15.188.154.177
151.101.114.110
162.247.242.18
172.67.75.100
178.249.101.23
208.89.12.87
212.82.100.181
216.58.205.230
23.111.9.213
2606:4700:10::6816:47ab
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:802::2003
2a00:1450:4001:802::2008
2a00:1450:4001:809::200e
2a00:1450:4001:819::2004
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9d
2a02:26f0:10c:5a4::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
34.120.253.250
35.227.229.34
63.240.154.84
99.86.243.32
99.86.243.86
99.86.245.136
08bd7d4fa1289063f1d71c29a48ce5820393352614d4ce4eb080e0d9a80d7467
0a086904d37a6ca046dfa1eaee58cde4a003f132a1d1f066a6ff1a1dedc09382
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1269e5a2c9213b6b2159a45778f77203fb67af039cff192694f676bc70af17bb
14d71cbd5b38f01f54bd33b8a89d1d0762eb8afde2fdbd518383b6a9dedac046
1957dbfc2c7f6be1b3c96831ca5b093bd136d468e5f06c5ab664bab6512fc6a7
1d657f092e7246d0e127aa97469f76366ba2a9d50179f6931281ed957f164dd5
252c3f2cc29c8b9509201994bcd2ad7ef6d064cdb81aa3750f6122b980c5f884
2a1fb2b005105ceb03e245e82309db7093f4c6a9398cff165a89cac76a92e3a4
31f87cff4bedcb80d674d677dc6d397f9073c8d245502fc70015914fe17340f4
340029011faca058e2c63e9b166a306a51735b8ace162d00f1244eeb98c27cf3
392bcb55c7117d98455315699ae313f9f69871c7a233aa070044c7f5544d451f
3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40ac7d22b8cffe622d6b87c85480f6f3d06dd11dc6560954a6873b98daf5d88c
41b6ed1823912506e6d85065c8154fe4ddb2c822f263616e4278c239073da46c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456b09ebbc5c27c30602fdab69578ed889d8e5be0c4f100d2593a276d2d532dd
47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496
4c78fc78e0615a68b39b1a0cfb2cb6bc508d064c7502b661a8d9d7f96607b838
4e37907ee5d438fb86816439efd8cad23d2360fc05220da325b608980aaa0d60
509eb5008d607b4229d2151648dedc363a66a451de26ae44ec13a270efe6a571
52b2cfc922f8fd4afac0314688e04cb96b11897dc05b7b200e6b3558a3ccf99e
573aeb4c0366f13cc49d974c64a17b41f0e52ef293805e902521d64e93f187d3
59cd5ceebe3d3ec9f2a0636baa8d9c7e9cdf4a73d9424caefa6c8ca953343796
5d9157add506e92953f1ec1a32c22dcbe662e9eb3b811223fe39053aedc99025
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
65b9b19b1c99e6899dbbc1441da63815315a6b41e6f2213f8f40a5f0b247202a
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
6af08e08f76e0d025ecaf3c179e8188259b60bcaaad7063a1353da536de1d297
70ca570305a38be2e2994376835075f2bc0ac656756e8eca18ea13779035837d
7b0269e7d0f94d45f4e19691bd564a72d78e649be44c07a5311bb17d12b35a33
7cf0b66964297902bd043f8d4b47e5e456627af7a969ac56131d587d34673dd5
82069c15edd6943dfaa59f5ac3f6acc86fd44a28fe925e410ccdcadec194a8ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90db019114bcb830c53464def2150205998e91e2f57435919648a90bde2a9805
9131bd361b2b3232941ec23c687d43c06a5f3e423108fe32f0febba595619636
91cc02b1af08dc8d0ad14ef5d7ac374970890f83cb7349e922d15b9c2acfab74
9408796b380093b3020bba8a4a0b6b480c75ab52a6c7e3e5b8531b72bc04ead8
967bcf0d949317261b1460ae7a27b35ae9e95256b6fccff96695e77feee899fa
99a6c572563af70247cb0deeba29abcd19e6c7fb613f3a2dac15f4cf8937a7ee
9b69701e9f614c14dfdc3386807175948810bcedb8675d1c2cd1191626843519
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
a0a0d29bd3ebbe0e07f8addb2431cbb4b61423a69286125facb049b4ddad56a1
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a612dcc22ce16c9a4f105bbada3bf22a75d8efb3839f07f592f62e41d6c4d1eb
a6ca9f0e1660e86a3de43d6a367e24f8e63de4f8a17bd742235a09c50a17833c
a75f877e4bad8501221e14c65bc17a2850f7406cae7903e8839f2be5d281f20d
a776d3ca96c384cafbef00aba8b430703efe63ce1abcb267f77b211082e79c01
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ef08bab839579149b00ec509adfa67e9e9980eceeaf81ece8642e79e684e6e
b5934f2ecc0bb272607a413166ec3271055aeb290053737ab3fb2867f42ad5f3
b71538ac45b767065d48a515a6465debd7dffa58b97f6e62ae0b12cbbe06c30f
b95d54a7bfda4625b6db1cdd2f0216570254e703f2df11e0862c5c90551309f1
ba298842b10c4ea875fec652a5de0211a5765947216cbc2b1d87bf6cdeb4de50
c25593a1f6c821232ad51fb2f6913aadd3e9eef38312a203d1ef1ff2f4193f7b
c2acc01fc8a5dbd8dd1e85d9c5ecd64e8ec1dc3326c18a704c172d1c2ec3a672
c45bc268461029602604f7a88c66f28b4acfed299737dee299b35f4ec7afc607
c6141d36d3e861520567fb38b977cedc831170ef4ab8fa0a797f9c8fad875caf
cac870a27bac2efc159d2f96b87aec5d2d489aee5bcf79c927481ba64ddff185
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
d0efa7c1b6d16759f1ac5d24ca3248d9995f53317af77cdb9937dcc799c4d41a
d21bc590e5cd26c66db3d97fc56903d3600772fa3c24be9c2965a2e5f4ab53c1
d2f341ecc14ae0073e3228d3f4cb87866b7b351078faa9b0146bc856fbb65548
d3be4f6fa97d7951e27b70611616a405817ac72cb21856c6902a622b4efb4ace
d7173396ad34f6cce7a97c0dc5db9e74960db94ebb111c7433126ea964dd447d
d87b5ba6a88fee5253828474dfb95c1851f31f434310c69d5add544f5fde8c9f
db49e712e015e63beb9cea408086b680e7f2ad5e6d52c989e390b4687bf111ee
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2262d06f403b5a8d65358fd91203d7195778dfd00760adb2c774488733960bd
e28480f0b199e4480e6f43ce075f0981c5a679b5b44a37f53b91be35df0c13f9
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5baf160cbd0646721bdbc631519044223c01746b2d18ea19caff981aee6f7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f449b919c29c912127ef7d84af7c11a1102610a2b942eb84807e4eaac023a792
f624fbae6a240881774731c556417c44ac66eabbd746ff4ed0e61d4ce71b2184
fa2363ca700e6857e27427966fef287e8fd927877a6b989c8c3132e6167ec786
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

secure.checksinthemail.com Open in urlscan Pro 12.190.117.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

98 %HTTPS

48 %IPv6

26 Domains

33 Subdomains

31 IPs

9 Countries

1599 kBTransfer

3254 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.checksinthemail.com Open in urlscan Pro
12.190.117.102 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

98 %
HTTPS

48 %
IPv6

26
Domains

33
Subdomains

31
IPs

9
Countries

1599 kB
Transfer

3254 kB
Size

3
Cookies

105 HTTP transactions
0 data transactions