branchoffer.com Open in urlscan Pro
198.61.246.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://branchoffer.com/sap846
Effective URL:
https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Submission Tags: falconsandbox
Submission: On August 20 via api (August 20th 2021, 2:10:45 pm UTC) from US

Summary HTTP 64 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 21 domains to perform 64 HTTP transactions. The main IP is 198.61.246.11, located in United States and belongs to RACKSPACE, US. The main domain is branchoffer.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 29th 2020. Valid for: a year.

This is the only time branchoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	198.61.246.11 198.61.246.11	19994 (RACKSPACE) (RACKSPACE)
6	2.18.233.89 2.18.233.89	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1 7	54.171.168.191 54.171.168.191	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:34fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.17.54.18 52.17.54.18	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7 7	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	34.226.109.28 34.226.109.28	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	192.243.238.253 192.243.238.253	15224 (OMNITURE) (OMNITURE)
64	18

28 198.61.246.11 (United States)

ASN19994 (RACKSPACE, US)

branchoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-89.deploy.static.akamaitechnologies.com

88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5f86b19bfd345491e541-0761b1a6395d07604af12b34740824f3.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.171.168.191 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-168-191.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.54.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-54-18.eu-west-1.compute.amazonaws.com

usbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.sdcvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.14.49 (Frankfurt am Main, Germany) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.109.28 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-109-28.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.238.253 (United States)

ASN15224 (OMNITURE, US)

usbankmetrics.insight.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	branchoffer.com branchoffer.com	557 KB
9	demdex.net 1 redirects dpm.demdex.net usbank.demdex.net	14 KB
8	everesttech.net 8 redirects cm.everesttech.net sync-tm.everesttech.net	1 KB
6	tiqcdn.com tags.tiqcdn.com	334 KB
6	rackcdn.com 88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com 5f86b19bfd345491e541-0761b1a6395d07604af12b34740824f3.ssl.cf2.rackcdn.com 39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com	935 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	640 B
2	google-analytics.com www.google-analytics.com	19 KB
2	rkdms.com 1 redirects mid.rkdms.com	70 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	331 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	932 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	678 B
2	sdcvisit.com smetrics.sdcvisit.com	4 KB
2	quantummetric.com cdn.quantummetric.com	220 KB
1	omtrdc.net usbankmetrics.insight.omtrdc.net	407 B
1	pubmatic.com image2.pubmatic.com	391 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bing.com 1 redirects c.bing.com	366 B
1	twitter.com analytics.twitter.com	287 B
64	21

	Domain	Requested by
28	branchoffer.com	branchoffer.com
7	sync-tm.everesttech.net	7 redirects
7	dpm.demdex.net	1 redirects
6	tags.tiqcdn.com	branchoffer.com tags.tiqcdn.com
3	39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com	branchoffer.com
3	cm.g.doubleclick.net	2 redirects
2	www.google-analytics.com	branchoffer.com www.google-analytics.com
2	mid.rkdms.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	smetrics.sdcvisit.com	tags.tiqcdn.com
2	usbank.demdex.net	tags.tiqcdn.com
2	cdn.quantummetric.com	tags.tiqcdn.com
2	88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com	branchoffer.com
1	usbankmetrics.insight.omtrdc.net
1	5f86b19bfd345491e541-0761b1a6395d07604af12b34740824f3.ssl.cf2.rackcdn.com	branchoffer.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	c.bing.com	1 redirects
1	analytics.twitter.com
1	cm.everesttech.net	1 redirects
64	25

This site contains links to these domains. Also see Links.

Domain
online1.elancard.com
card.myaccountaccess.com
www.myaccountaccess.com

Subject Issuer	Validity	Valid
branchoffer.com Entrust Certification Authority - L1K	`2020-09-29` - `2021-10-28`	a year	crt.sh
*.ssl.cf2.rackcdn.com DigiCert SHA2 Secure Server CA	`2021-03-22` - `2022-03-30`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
smetrics.sdcvisit.com Entrust Certification Authority - L1K	`2020-07-14` - `2022-08-03`	2 years	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.rkdms.com Entrust Certification Authority - L1K	`2020-10-08` - `2021-10-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
usbankmetrics.insight.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-11-05` - `2021-11-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Frame ID: 296B91DCDCED67311F8A96E1BE1250DA
Requests: 49 HTTP requests in this frame

Frame: https://usbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 44EA0F9FA652E04FFB77543B08354DB8
Requests: 14 HTTP requests in this frame

Frame: https://usbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 35B51A709B9A6FAFB5E9A90D6525D15E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Northwest Bank Of Rockford Credit Card Index Page

Page URL History Show full URLs

https://branchoffer.com/sap846 Page URL
https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

64
Requests

100 %
HTTPS

13 %
IPv6

21
Domains

25
Subdomains

18
IPs

6
Countries

2086 kB
Transfer

5647 kB
Size

3
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://online1.elancard.com/oad/terms.controller?locationCode=00985&offerId=1VB1RM51WM&preparerType=customer#termsAndCond-details
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?locationCode=00985&offerId=QGX83455H6&preparerType=customer#termsAndCond-details
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?step=display&offerId=QGX83455H6&locationCode=00985
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/begin?locationCode=00985&offerId=QGX83455H6&preparerType=customer&sourceCode=37264
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?step=display&offerId=95PG8V3D3X&locationCode=00985
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/begin?locationCode=00985&offerId=95PG8V3D3X&preparerType=customer&sourceCode=41013
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?step=display&offerId=17P46957G3&locationCode=00985
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/begin?locationCode=00985&offerId=17P46957G3&preparerType=customer&sourceCode=37262
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?step=display&offerId=D6H4G9266X&locationCode=00985
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/begin?locationCode=00985&offerId=D6H4G9266X&preparerType=customer&sourceCode=37924
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?step=display&offerId=1VB1RM51WM&locationCode=00985
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/begin?locationCode=00985&offerId=1VB1RM51WM&preparerType=customer&sourceCode=42572
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?step=display&offerId=H26VQWQGRX&locationCode=00985
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/begin?locationCode=00985&offerId=H26VQWQGRX&preparerType=customer&sourceCode=41009
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?step=display&offerId=8B41B41GM7&locationCode=00985
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/begin?locationCode=00985&offerId=8B41B41GM7&preparerType=customer&sourceCode=37288
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/terms.controller?step=display&offerId=WPVQ9H7GPH&locationCode=00985
Title: See terms & conditions.

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/begin?locationCode=00985&offerId=WPVQ9H7GPH&preparerType=customer&sourceCode=37284
Title: Apply Now

Search URL Search Domain Scan URL

URL: https://card.myaccountaccess.com/smartbusinessVisa
Title: https://card.myaccountaccess.com/smartbusinessVisa

Search URL Search Domain Scan URL

URL: https://online1.elancard.com/oad/cmas.controller?locationCode=00985&preparerType=customer&isNewRequest=false
Title: Cardmember Agreements

Search URL Search Domain Scan URL

URL: https://www.myaccountaccess.com/onlineCard/publicPrivacyPolicy.do?loc=00985
Title: Privacy and Security

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://branchoffer.com/sap846 Page URL
https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1629468625239 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1629468625239

Request Chain 21

https://cm.everesttech.net/cm/dd?d_uuid=90576601343013880651154185583097104219 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YR_30QAAAIfiygQA

Request Chain 22

https://idsync.rlcdn.com/365868.gif?partner_uid=90576601343013880651154185583097104219 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomOTA1NzY2MDEzNDMwMTM4ODA2NTExNTQxODU1ODMwOTcxMDQyMTkQABoNCNHv_ogGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=edf62b65335ef976b6a4a5216264627970d0ebd3fb5b29b67d37e9575d7da2ebb0da87c991749652

Request Chain 23

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=OTA1NzY2MDEzNDMwMTM4ODA2NTExNTQxODU1ODMwOTcxMDQyMTk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=OTA1NzY2MDEzNDMwMTM4ODA2NTExNTQxODU1ODMwOTcxMDQyMTk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDYvztGzA4C3biHTKsVa7bo&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 25

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c62f7ad-1c4d-4e29-a1be-d689bb203235

Request Chain 26

https://c.bing.com/c.gif?uid=90576601343013880651154185583097104219&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=09ADEB907B3A6B341C42FB097A516AAB

Request Chain 27

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVJfMzBRQUFBSWZpeWdRQQ==

Request Chain 28

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YR_30QAAAIfiygQA&expires=90

Request Chain 29

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YR_30QAAAIfiygQA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YR_30QAAAIfiygQA&C=1

Request Chain 30

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YR_30QAAAIfiygQA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYR_30QAAAIfiygQA

Request Chain 31

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YR_30QAAAIfiygQA HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YR_30QAAAIfiygQA

Request Chain 32

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YR_30QAAAIfiygQA

Request Chain 33

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YR_30QAAAIfiygQA&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YR_30QAAAIfiygQA&img=1&__user_check__=1&sync_id=5e2e8767-01c0-11ec-ae7f-199e6d820506

Request Chain 34

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=90576601343013880651154185583097104219&_ct=img HTTP 302
https://mid.rkdms.com/restricted

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set sap846 Show response
branchoffer.com/ 19 KB
5 KB 851ms
502ms Document
text/html 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

df8ef27e7b5aa786ff7fdd828ec82eee7e4c7f41340b08eaa7ed6ab1cab65bc4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Host: branchoffer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Server: Elan CRC 1
Content-Encoding: gzip
Liferay-Portal: Liferay Portal Enterprise Edition 6.1.20 EE (Paton / Build 6120 / July 31, 2012)
Content-Type: text/html;charset=UTF-8
Content-Length: 4572
Set-Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; Path=/; Secure; HttpOnly GUEST_LANGUAGE_ID=en_US; Expires=Sat, 20-Aug-2022 14:10:23 GMT; Path=/; Secure COOKIE_SUPPORT=true; Expires=Sat, 20-Aug-2022 14:10:23 GMT; Path=/; Secure GUEST_LANGUAGE_ID=en_US; Expires=Sat, 20-Aug-2022 14:10:23 GMT; Path=/; Secure COOKIE_SUPPORT=true; Expires=Sat, 20-Aug-2022 14:10:23 GMT; Path=/; Secure
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close

GET
H/1.1 200
OK main.css
branchoffer.com/html/css/ 133 KB
23 KB 428ms
207ms Stylesheet
text/css 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1341582090000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

96a06b6295ca49ec9528a7613135551dc2e52c5826d7c30f46d144a4126bbf62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 23151
Expires: Mon, 18 Aug 2031 14:10:24 GMT

GET
H/1.1 200
OK main.css
branchoffer.com/html/portlet/journal_content/css/ 1 KB
818 B 421ms
201ms Stylesheet
text/css 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/portlet/journal_content/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1628695967000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

461067e8ee661fd39768aa536701090fe098ef4f1109d57c0ca7823893d3003d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 370
Expires: Mon, 18 Aug 2031 14:10:24 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
branchoffer.com/html/js/ 87 KB
31 KB 426ms
203ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/jquery-3.5.1.min.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 30958
Expires: Mon, 18 Aug 2031 14:10:24 GMT

GET
H/1.1 200
OK jquery-migrate-1.4.1.js Show response
branchoffer.com/html/js/ 23 KB
8 KB 429ms
201ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/jquery-migrate-1.4.1.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

c68a880944aa03082e88bbe6c7df7747ee45f506fa777e76fb41709a0ba5a935

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 7801
Expires: Mon, 18 Aug 2031 14:10:24 GMT

GET
H/1.1 200
OK moment.min.js Show response
branchoffer.com/html/js/ 57 KB
19 KB 434ms
206ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/moment.min.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

d921ae5398393d52a0d875c602db8e2dfc30bd5865a741cc4d24c6dc7016d646

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 18637
Expires: Mon, 18 Aug 2031 14:10:24 GMT

GET
H/1.1 200
OK datatables.min.js Show response
branchoffer.com/html/js/ 83 KB
29 KB 757ms
132ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/datatables.min.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

4fec136e31d15a5302e0deb9d934dc5c798dc5daaa01851b194b36a828ef2392

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 29309
Expires: Mon, 18 Aug 2031 14:10:24 GMT

GET
H/1.1 200
OK datetime-moment.js Show response
branchoffer.com/html/js/ 2 KB
1 KB 758ms
126ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/datetime-moment.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

2a320c97429ea17677c89e56e26f1bebd05ba52522c7f9aa5a457e574274f44a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 969
Expires: Mon, 18 Aug 2031 14:10:24 GMT

GET
H/1.1 200
OK barebone.jsp Show response
branchoffer.com/html/js/ 323 KB
104 KB 815ms
172ms Script
text/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/barebone.jsp?browserId=other&themeId=baa_WAR_baatheme&colorSchemeId=01&minifierType=js&minifierBundleId=javascript.barebone.files&languageId=en_US&b=6120&t=1628696650000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

ce2b80e8c57d3d26d25c324a90dac34e167e935fc82f20a02d748867855cf0bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:24 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, no-cache="Set-Cookie", public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 106341
Expires: Mon, 18 Aug 2031 14:10:24 GMT

GET
H/1.1 200
OK main.css
branchoffer.com/baa-theme/css/ 39 KB
9 KB 417ms
197ms Stylesheet
text/css 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/baa-theme/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1591012013000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

3bccb766aeb6d7721f0d938ba0c978dd53d5fb9f4170e6e6e32c76e5ab2f9c8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 8394

GET
H/1.1 200
OK Cookie set plugins.js Show response
branchoffer.com/baa-theme/js/ 120 KB
39 KB 860ms
132ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/baa-theme/js/plugins.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

6c01ac5428cd685b091777bd45ac784070b870f9b5aed10a168e91d256eb5662

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:24 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Set-Cookie: JSESSIONID=01C7EB881BDC4791BA25EF3E65E1C22D.jvm1; Path=/baa-theme/; Secure; HttpOnly
Cache-Control: max-age=315360000, public
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 39510

GET
H/1.1 200
OK bootstrap.css
88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com/css/ 142 KB
21 KB 125ms
39ms Stylesheet
text/css 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com/css/bootstrap.css
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/sap846
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c718b31f11b5d9b57ca0c4455aba3aba99eeb84761025c1b1072cee4d72eae06

Request headers

Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Mar 2018 14:54:11 GMT
X-Trans-Id: tx8250bcf1950144f988297-006033e03eord1
ETag: 6b994d9ec76a94866c11cfb102e61037
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1522421650.12202
Cache-Control: public, max-age=146285
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21041
Expires: Sun, 22 Aug 2021 06:48:29 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/usbank/external/prod/ 150 KB
49 KB 107ms
63ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.sync.js
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/sap846
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ce350db8e50eeea87a3c155cb0e0185da2c3429ae7ab396245fbcf8bbcc34d4b

Request headers

Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:24 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 21:54:38 GMT
server: AkamaiNetStorage
etag: "1b4cbf5e70e45d92ec4deae098a635e2:1626731677.943846"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 20 Aug 2021 14:15:24 GMT

GET
H/1.1 200
OK spacer.png
branchoffer.com/baa-theme/images/ 95 B
611 B 383ms
122ms Image
image/png 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://branchoffer.com/baa-theme/images/spacer.png

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=01C7EB881BDC4791BA25EF3E65E1C22D.jvm1; JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:24 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000, public
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 95
Expires: Mon, 18 Aug 2031 14:10:25 GMT

GET
H/1.1 200
OK main.js
branchoffer.com/baa-theme/js/ 109 B
608 B 405ms
122ms Script
text/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/baa-theme/js/main.js?browserId=other&minifierType=js&languageId=en_US&b=6120&t=1591012013000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/sap846
Cookie: JSESSIONID=01C7EB881BDC4791BA25EF3E65E1C22D.jvm1; JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:24 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 84
Expires: Mon, 18 Aug 2031 14:10:25 GMT

GET
H2 200 utag.js
tags.tiqcdn.com/utag/usbank/external/prod/ 389 KB
117 KB 68ms
68ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/sap846
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:25 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 21:54:39 GMT
server: AkamaiNetStorage
etag: "5d1a1573c7314023892ed8e6d6583fd0:1626731679.280173"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 20 Aug 2021 14:15:25 GMT

GET
H/1.1 200
OK Primary Request index Show response
branchoffer.com/11t2/ 108 KB
19 KB 1938ms
1846ms Document
text/html 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/sap846

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

2c826fa850c17610d5f8a782f0ea50e2472ef5d5451b1311dbe5a19cb3725325

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Host: branchoffer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://branchoffer.com/sap846
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://branchoffer.com/sap846

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Server: Elan CRC 1
Content-Encoding: gzip
Liferay-Portal: Liferay Portal Enterprise Edition 6.1.20 EE (Paton / Build 6120 / July 31, 2012)
Content-Type: text/html;charset=UTF-8
Content-Length: 18978
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close

GET
H/1.1

200
OK

rd
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1629468625239
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1629468625239

3 KB
2 KB

34ms
34ms

XHR
application/json

54.171.168.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1629468625239

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-168-191.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v014-072b81205.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: dHcvXsHaQdk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://branchoffer.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1150
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v014-0296d1f4b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://branchoffer.com
X-TID: 6FtJaFJhRCM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1629468625239
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 quantum-usbank.js
cdn.quantummetric.com/qscripts/ 725 KB
110 KB 47ms
23ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-usbank.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 140
etag: W/"162931481661416291411955921629446406851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-ray: 681c347bea8c2b95-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 21ms
21ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=usbank/external/202107192154&cb=1629468625245
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:25 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 20 Aug 2021 14:20:25 GMT

GET
H/1.1 200
OK dest5.html
usbank.demdex.net/ Frame 44EA 7 KB
3 KB 237ms
37ms Document
text/html 52.17.54.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usbank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.54.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-54-18.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: usbank.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://branchoffer.com/sap846
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=90576601343013880651154185583097104219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://branchoffer.com/sap846

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 20 Aug 2021 14:10:25 GMT
DCS: dcs-prod-irl1-1-v014-03941dfcb.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 20 Aug 2021 11:53:50 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: E9cS2ddoRbM=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id
smetrics.sdcvisit.com/ 48 B
508 B 118ms
21ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.sdcvisit.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=675616D751E567410A490D4C%40AdobeOrg&mid=90699069740730644411182740386709733763&ts=1629468625315

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 20 Aug 2021 14:10:25 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5446df8c45-b2mpc
vary: Origin
x-c: main-1500.I51075a.M0-511
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://branchoffer.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YR_30QAAAIfiygQA
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=90576601343013880651154185583097104219
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YR_30QAAAIfiygQA

42 B
945 B

38ms
37ms

Image
image/gif

54.171.168.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YR_30QAAAIfiygQA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-168-191.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://branchoffer.com/sap846
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v014-02cdc4709.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: K/B/L4n0Tnw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YR_30QAAAIfiygQA
Date: Fri, 20 Aug 2021 14:10:25 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=edf62b65335ef976b6a4a5216264627970d0ebd3fb5b29b67d37e9575d7da2ebb0da87c991749652
dpm.demdex.net/ Frame 44EA
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=90576601343013880651154185583097104219
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomOTA1NzY2MDEzNDMwMTM4ODA2NTExNTQxODU1ODMwOTcxMDQyMTkQABoNCNHv_ogGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=edf62b65335ef976b6a4a5216264627970d0ebd3fb5b29b67d37e9575d7da2ebb0da87c991749652

42 B
945 B

36ms
36ms

Image
image/gif

54.171.168.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=edf62b65335ef976b6a4a5216264627970d0ebd3fb5b29b67d37e9575d7da2ebb0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-168-191.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v014-0f295dba6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: is5HOUUCRNY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Fri, 20 Aug 2021 14:10:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=edf62b65335ef976b6a4a5216264627970d0ebd3fb5b29b67d37e9575d7da2ebb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEDYvztGzA4C3biHTKsVa7bo&google_cver=1
dpm.demdex.net/ Frame 44EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=OTA1NzY2MDEzNDMwMTM4ODA2NTExNTQxODU1ODMwOTcxMDQyMTk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=OTA1NzY2MDEzNDMwMTM4ODA2NTExNTQxODU1ODMwOTcxMDQyMTk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDYvztGzA4C3biHTKsVa7bo&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

35ms
34ms

Image
image/gif

54.171.168.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDYvztGzA4C3biHTKsVa7bo&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-168-191.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v014-0b0e39acb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FdNPz5t2Qdk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDYvztGzA4C3biHTKsVa7bo&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 44EA 43 B
287 B 122ms
121ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=90576601343013880651154185583097104219&p_id=38594

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 20 Aug 2021 14:10:25 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f059df7ab6ff07edd7bd3b51d7eff6e7f22d6d3f31dded54cf301d966088b670
x-transaction: e7408228f399d697
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=1c62f7ad-1c4d-4e29-a1be-d689bb203235
dpm.demdex.net/ Frame 44EA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c62f7ad-1c4d-4e29-a1be-d689bb203235

42 B
945 B

33ms
33ms

Image
image/gif

54.171.168.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c62f7ad-1c4d-4e29-a1be-d689bb203235

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-168-191.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v014-0d0abd475.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FwAeDhVeRJo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c62f7ad-1c4d-4e29-a1be-d689bb203235
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=09ADEB907B3A6B341C42FB097A516AAB
dpm.demdex.net/ Frame 44EA
Redirect Chain

https://c.bing.com/c.gif?uid=90576601343013880651154185583097104219&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=09ADEB907B3A6B341C42FB097A516AAB

42 B
945 B

34ms
33ms

Image
image/gif

54.171.168.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=09ADEB907B3A6B341C42FB097A516AAB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-168-191.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v014-0c1b1f2e6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mhOGv6zyQOU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:25 GMT
x-msedge-ref: Ref A: 759723EA7A044CF9A2BD192076878A1E Ref B: FRAEDGE1521 Ref C: 2021-08-20T14:10:25Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=09ADEB907B3A6B341C42FB097A516AAB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 44EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVJfMzBRQUFBSWZpeWdRQQ==

170 B
188 B

18ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVJfMzBRQUFBSWZpeWdRQQ==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1629468626.066533,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVJfMzBRQUFBSWZpeWdRQQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 44EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YR_30QAAAIfiygQA&expires=90

0
239 B

114ms
34ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YR_30QAAAIfiygQA&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1629468626.172991,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YR_30QAAAIfiygQA&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 44EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YR_30QAAAIfiygQA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YR_30QAAAIfiygQA&C=1

43 B
1003 B

35ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YR_30QAAAIfiygQA&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 14:10:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Aug 2021 14:10:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 14:10:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YR_30QAAAIfiygQA&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Fri, 20 Aug 2021 14:10:26 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 44EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YR_30QAAAIfiygQA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYR_30QAAAIfiygQA

43 B
1 KB

15ms
14ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYR_30QAAAIfiygQA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 14:10:26 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 50c57969-9993-4cd6-be7c-c973fb1bddf0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 14:10:26 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 09c87315-f30b-4ee7-be5e-5de50146ed65
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYR_30QAAAIfiygQA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 44EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YR_30QAAAIfiygQA
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YR_30QAAAIfiygQA

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YR_30QAAAIfiygQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:26 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YR_30QAAAIfiygQA
date: Fri, 20 Aug 2021 14:10:26 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 44EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YR_30QAAAIfiygQA

1 B
391 B

15ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YR_30QAAAIfiygQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:380
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1629468627.571519,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YR_30QAAAIfiygQA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 44EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YR_30QAAAIfiygQA&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YR_30QAAAIfiygQA&img=1&__user_check__=1&sync_id=5e2e8767-01c0-11ec-ae7f-199e6d820506

43 B
549 B

28ms
28ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YR_30QAAAIfiygQA&img=1&__user_check__=1&sync_id=5e2e8767-01c0-11ec-ae7f-199e6d820506
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 106
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YR_30QAAAIfiygQA&img=1&__user_check__=1&sync_id=5e2e8767-01c0-11ec-ae7f-199e6d820506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 78
Connection: keep-alive
Content-Length: 0

GET
H2

200

restricted
mid.rkdms.com/ Frame 44EA
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=90576601343013880651154185583097104219&_ct=img
https://mid.rkdms.com/restricted

0
0

103ms
103ms

Image
text/html

34.226.109.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.109.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-109-28.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location: /restricted
date: Fri, 20 Aug 2021 14:10:26 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK main.css
branchoffer.com/html/css/ 133 KB
23 KB 335ms
127ms Stylesheet
text/css 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1341582090000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

96a06b6295ca49ec9528a7613135551dc2e52c5826d7c30f46d144a4126bbf62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 23151
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK main.css
branchoffer.com/html/portlet/journal_content/css/ 1 KB
818 B 336ms
126ms Stylesheet
text/css 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/portlet/journal_content/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1628695967000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

461067e8ee661fd39768aa536701090fe098ef4f1109d57c0ca7823893d3003d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 370
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
branchoffer.com/html/js/ 87 KB
31 KB 341ms
129ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/jquery-3.5.1.min.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 30958
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK jquery-migrate-1.4.1.js Show response
branchoffer.com/html/js/ 23 KB
8 KB 338ms
127ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/jquery-migrate-1.4.1.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

c68a880944aa03082e88bbe6c7df7747ee45f506fa777e76fb41709a0ba5a935

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 7801
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK moment.min.js Show response
branchoffer.com/html/js/ 57 KB
19 KB 434ms
127ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/moment.min.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

d921ae5398393d52a0d875c602db8e2dfc30bd5865a741cc4d24c6dc7016d646

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 18637
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK datatables.min.js Show response
branchoffer.com/html/js/ 83 KB
29 KB 667ms
126ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/datatables.min.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

4fec136e31d15a5302e0deb9d934dc5c798dc5daaa01851b194b36a828ef2392

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 29309
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK datetime-moment.js Show response
branchoffer.com/html/js/ 2 KB
1 KB 665ms
122ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/html/js/datetime-moment.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

2a320c97429ea17677c89e56e26f1bebd05ba52522c7f9aa5a457e574274f44a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 969
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK barebone.jsp Show response
branchoffer.com/html/js/ 323 KB
104 KB 672ms
126ms Script
text/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

ce2b80e8c57d3d26d25c324a90dac34e167e935fc82f20a02d748867855cf0bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, no-cache="Set-Cookie", public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 106341
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK main.css
branchoffer.com/baa-theme/css/ 39 KB
9 KB 336ms
126ms Stylesheet
text/css 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/baa-theme/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1591012013000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

3bccb766aeb6d7721f0d938ba0c978dd53d5fb9f4170e6e6e32c76e5ab2f9c8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=01C7EB881BDC4791BA25EF3E65E1C22D.jvm1; JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 8394
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK plugins.js Show response
branchoffer.com/baa-theme/js/ 120 KB
39 KB 768ms
125ms Script
application/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/baa-theme/js/plugins.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

6c01ac5428cd685b091777bd45ac784070b870f9b5aed10a168e91d256eb5662

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=01C7EB881BDC4791BA25EF3E65E1C22D.jvm1; JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:26 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 39510
Expires: Mon, 18 Aug 2031 14:10:27 GMT

GET
H/1.1 200
OK bootstrap.css
88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com/css/ 142 KB
21 KB 58ms
57ms Stylesheet
text/css 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com/css/bootstrap.css
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c718b31f11b5d9b57ca0c4455aba3aba99eeb84761025c1b1072cee4d72eae06

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Mar 2018 14:54:11 GMT
X-Trans-Id: tx8250bcf1950144f988297-006033e03eord1
ETag: 6b994d9ec76a94866c11cfb102e61037
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1522421650.12202
Cache-Control: public, max-age=146282
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21041
Expires: Sun, 22 Aug 2021 06:48:29 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/usbank/external/prod/ 150 KB
49 KB 30ms
29ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.sync.js
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ce350db8e50eeea87a3c155cb0e0185da2c3429ae7ab396245fbcf8bbcc34d4b

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:27 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 21:54:38 GMT
server: AkamaiNetStorage
etag: "1b4cbf5e70e45d92ec4deae098a635e2:1626731677.943846"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 20 Aug 2021 14:15:27 GMT

GET
H/1.1 200
OK spacer.png
branchoffer.com/baa-theme/images/ 95 B
611 B 414ms
126ms Image
image/png 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://branchoffer.com/baa-theme/images/spacer.png

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

80c27e47a287a2e94bb78ec5c60a6bfd3d840e61718f5a4aacd2248ec3b3783a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=01C7EB881BDC4791BA25EF3E65E1C22D.jvm1; JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:28 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000, public
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Accept-Ranges: bytes
Content-Length: 95
Expires: Mon, 18 Aug 2031 14:10:28 GMT

GET
H/1.1 200
OK 0477039-lc00985-logoc.png
5f86b19bfd345491e541-0761b1a6395d07604af12b34740824f3.ssl.cf2.rackcdn.com/ 11 KB
11 KB 510ms
432ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5f86b19bfd345491e541-0761b1a6395d07604af12b34740824f3.ssl.cf2.rackcdn.com/0477039-lc00985-logoc.png
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 71a1f8c2ee13abae3d84892547eadd9d79c8daaf717e91dae1279bcaa84ac9cd

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:28 GMT
Last-Modified: Fri, 26 Feb 2021 20:54:27 GMT
X-Trans-Id: tx445c7b250e4f4d70ae4cd-00611fb7d4ord1
ETag: b089f5e9ecd50381d6f74751fb84bbb5
Content-Type: application/unknown
X-Timestamp: 1614372866.33762
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11075
Expires: Mon, 23 Aug 2021 14:10:28 GMT

GET
H/1.1 200
OK 2701064c-3306-4c48-ab25-72e63423314c.png
39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com/ 313 KB
313 KB 951ms
801ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com/2701064c-3306-4c48-ab25-72e63423314c.png
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 91c7be6d0d879a380b3bad53586f49cde3f297e4b0cf97b41e31d6e7e134dba2

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:28 GMT
Last-Modified: Tue, 02 Feb 2021 02:49:08 GMT
X-Trans-Id: tx7e36a0e625834eb494c69-00611fb7d4ord1
ETag: a7d35f1336e02c39655a64542eecf7ad
Content-Type: application/unknown
X-Timestamp: 1612234147.80769
Cache-Control: public, max-age=855
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 320592
Expires: Fri, 20 Aug 2021 14:24:43 GMT

GET
H/1.1 200
OK c48d5b53-0714-4df0-a7cb-d46c39ed3be4.png
39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com/ 279 KB
279 KB 664ms
514ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com/c48d5b53-0714-4df0-a7cb-d46c39ed3be4.png
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 32c4802d4bca814042d6e182c7264787e9337eb8c59b74dbeb2c98c2d407cdf0

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:28 GMT
Last-Modified: Thu, 21 Jan 2021 19:59:08 GMT
X-Trans-Id: txf3b4ffc86d5b419e904d2-00611fb7d4ord1
ETag: cab483f789702a145e720d3b51ae7eee
Content-Type: application/unknown
X-Timestamp: 1611259147.19928
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 285199
Expires: Fri, 20 Aug 2021 14:25:28 GMT

GET
H/1.1 200
OK f9f05ebb-74e5-447f-a424-675747198dbe.png
39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com/ 289 KB
289 KB 689ms
526ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com/f9f05ebb-74e5-447f-a424-675747198dbe.png
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e32e3ffffca6d57c942ae4908a3c313ac6c876190c0d70dcf6c71e56263d1e5

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:28 GMT
Last-Modified: Thu, 21 Jan 2021 16:47:34 GMT
X-Trans-Id: txdb57f033d29943d2b8a71-00611fb7d4ord1
ETag: c5b565e8c8b989020ebb6dd6e76cfdfe
Content-Type: application/unknown
X-Timestamp: 1611247653.61123
Cache-Control: public, max-age=853
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 295577
Expires: Fri, 20 Aug 2021 14:24:41 GMT

GET
H/1.1 200
OK main.js Show response
branchoffer.com/baa-theme/js/ 109 B
608 B 333ms
122ms Script
text/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/baa-theme/js/main.js?browserId=other&minifierType=js&languageId=en_US&b=6120&t=1591012013000

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

329dc5a1be6896ffda57ff80a3f28b265e8f2daa81d6035377f4fa81b9e47259

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=01C7EB881BDC4791BA25EF3E65E1C22D.jvm1; JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 84
Expires: Mon, 18 Aug 2031 14:10:28 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/usbank/external/prod/ 389 KB
117 KB 42ms
41ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js
Requested by: Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e9058b5593088aa98a930000807981d4a0d31ce25b9f4bcf75be0fa06ef5923

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:28 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 21:54:39 GMT
server: AkamaiNetStorage
etag: "5d1a1573c7314023892ed8e6d6583fd0:1626731679.280173"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 20 Aug 2021 14:15:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2034
date: Fri, 20 Aug 2021 13:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 20 Aug 2021 15:36:34 GMT

GET
H/1.1 200
OK /
branchoffer.com/combo/ 270 B
598 B 243ms
122ms Stylesheet
text/css 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/combo/?browserId=other&minifierType=&languageId=en_US&b=6120&t=1628696650000&p=/html/js&m=/aui/widget-base/assets/skins/sam/widget-base.css

Requested by

Host: branchoffer.com
URL: https://branchoffer.com/html/js/barebone.jsp?browserId=other&themeId=baa_WAR_baatheme&colorSchemeId=01&minifierType=js&minifierBundleId=javascript.barebone.files&languageId=en_US&b=6120&t=1628696650000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

fc6e0af6c09ee55282f65c73154602835554b1996a4eb7690715b1989bbdb507

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 150
Expires: Mon, 18 Aug 2031 14:10:28 GMT

GET
H/1.1 200
OK / Show response
branchoffer.com/combo/ 2 KB
2 KB 376ms
138ms Script
text/javascript 198.61.246.11
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://branchoffer.com/combo/?browserId=other&minifierType=&languageId=en_US&b=6120&t=1628696650000&p=/html/js&m=/aui/base-build/base-build-min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.61.246.11 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

Elan CRC 1 /

Resource Hash

3aabd72904a559aa3347088891fdfa7512972125b7058ab989dcfb87e101306c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: branchoffer.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Cookie: JSESSIONID=FF593C75AF54D472E4829BEB42F89779.jvm1; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; utag_main=v_id:017b63e6094f001f098febbe9eef00072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1629470425232$ses_id:1629468625232%3Bexp-session$_pn:1%3Bexp-session; AMCVS_675616D751E567410A490D4C%40AdobeOrg=1; AMCV_675616D751E567410A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18860%7CMCMID%7C90699069740730644411182740386709733763%7CMCAAMLH-1630073425%7C6%7CMCAAMB-1630073425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629475825s%7CNONE%7CMCSYNCSOP%7C411-18867%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Connection: keep-alive
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Elan CRC 1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Content-Security-Policy: frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;
Connection: close
Content-Length: 1194
Expires: Mon, 18 Aug 2031 14:10:28 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1868062404&t=pageview&_s=1&dl=https%3A%2F%2Fbranchoffer.com%2F11t2%2Findex%3Fbankercode%3Dsap846%26ecdma-lc%3D00985%26ecid%3DOTHE_26646&ul=en-us&de=UTF-8&dt=SAA%20May%20T2%20Index%20-%20Elan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1193867116&gjid=217961289&cid=399728802.1629468628&tid=UA-48378840-8&_gid=452844312.1629468628&_r=1&_slc=1&z=2031442377

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:10:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://branchoffer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 quantum-usbank.js Show response
cdn.quantummetric.com/qscripts/ 725 KB
110 KB 44ms
33ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-usbank.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a95e4143908b2ae1cca16b4c51dcddfc34e1549e0f74799bac2e385b0070a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:28 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 143
etag: W/"162931481661416291411955921629446406851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-ray: 681c348f7c7d4ed3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 s62394282235588 Show response
smetrics.sdcvisit.com/b/ss/micrositeprod/10/JS-2.18.0/ 3 KB
3 KB 47ms
47ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.sdcvisit.com/b/ss/micrositeprod/10/JS-2.18.0/s62394282235588?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=20%2F7%2F2021%2016%3A10%3A28%205%20-120&d.&nsid=0&jsonv=1&.d&sdid=331A56F21279F717-690BAC3703072BD2&mid=90699069740730644411182740386709733763&aamlh=6&ce=UTF-8&pageName=microsite%3ANorthwest%20Bank%20Of%20Rockford%3Abranchoffer%3Aindex&g=https%3A%2F%2Fbranchoffer.com%2F11t2%2Findex%3Fbankercode%3Dsap846%26ecdma-lc%3D00985%26ecid%3DOTHE_26646&r=https%3A%2F%2Fbranchoffer.com%2Fsap846&c.&vidAPICheck=VisitorAPI%20Present&et_dimensions=1600x1200&et_width=1600&et_orientation=landscape&EVENTS=event17%2Cevent11%2Cevent15%2C&.c&cc=USD&v0=OTHE_26646&events=event17%2Cevent11%2Cevent15&products=%3BAll%20Cards&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=product&c2=credit%20cards&c3=D%3Dv3&v3=New&c4=9%3A00AM&c6=Friday&c7=8%2F20%2F2021&v9=prospect&c14=D%3Dg&c18=First%20Visit&c19=1&c24=11t2%3Aindex&c25=D%3Dproducts%2B%22%7C%22%2BD%3Dc24&c29=https%3A%2F%2Fbranchoffer.com%2F11t2%2Findex&v35=microsite%3ANorthwest%20Bank%20Of%20Rockford%3Abranchoffer%3Aindex&v36=OTHE_26646&v37=D%3DUser-Agent&c40=microsite&v40=D%3Dc2&v43=00985&v44=Northwest%20Bank%20Of%20Rockford&c50=baseCore%7CAM_2.18.0%7C02.20.2020%7CVid_4.4.0%20Tealium&v63=sap846&v66=vanity%20url&v90=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=675616D751E567410A490D4C%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6bb3633419e41f3653d993bb2017c41ee44dbef16f131fa9aa3e829d3ca26f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: au2IWDXERlU=
date: Fri, 20 Aug 2021 14:10:28 GMT
x-content-type-options: nosniff
x-c: main-1500.I51075a.M0-511
p3p: CP="This is not a P3P policy"
vary: *
content-length: 3118
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v014-000980c68.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Sat, 21 Aug 2021 14:10:28 GMT
server: jag
xserver: anedge-5446df8c45-hzffm
etag: 3499257235661258752-4619739917099616956
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 19 Aug 2021 14:10:28 GMT

GET
H/1.1 200
OK dest5.html Show response
usbank.demdex.net/ Frame 35B5 7 KB
3 KB 30ms
30ms Document
text/html 52.17.54.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usbank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.54.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-54-18.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: usbank.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 20 Aug 2021 14:10:29 GMT
DCS: dcs-prod-irl1-2-v014-07dda0c01.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 20 Aug 2021 12:28:15 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 5/YbK+kdS/w=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/usbank/external/prod/ 4 KB
2 KB 21ms
21ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.7.js?utv=ut4.46.202107192154
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d3e35bd4f60010059235704efac7de22540b6b5c36c8c8ea83e667df54432a6c

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:10:29 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 18:35:26 GMT
server: AkamaiNetStorage
etag: "4aea6b25cd081020df662b24f83145d7:1603996527.000938"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1894
expires: Sat, 04 Sep 2021 14:10:29 GMT

GET
H/1.1 200
OK zag.gif
usbankmetrics.insight.omtrdc.net/customtag/ 35 B
407 B 546ms
173ms Image
image/gif 192.243.238.253
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usbankmetrics.insight.omtrdc.net/customtag/zag.gif?appStart=0&appComplete=0&url=https%3A%2F%2Fbranchoffer.com%2F11t2%2Findex%3Fbankercode%3Dsap846%26ecdma-lc%3D00985%26ecid%3DOTHE_26646&prodlist=%3BAll%20Cards&Log=1&r=0.9952343271558195
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.238.253 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c7eb5d6fcc73fe8b4e8d94cfbc2da435c0832d8c17aa5d1ee3345829c09902f8

Request headers

Referer: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 14:10:30 GMT
Last-Modified: Wed, 09 Feb 2011 19:09:57 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "77be13f18cc8cb1:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.branchoffer.com/	1970-01-19 21:21:00	Name: aam_uuid Value: 90576601343013880651154185583097104219
.branchoffer.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_campaign%3DOTHE_26646%3B%20s_cpc%3D1%3B%20s_cc%3Dtrue%3B
.branchoffer.com/	1970-01-21 20:37:48	Name: s_pers Value: %20s_ev36%3D%255B%255B%2527OTHE_26646%2527%252C%25271629468628649%2527%255D%255D%7C1787235028649%3B%20s_lv%3D1629468628650%7C1724076628650%3B%20s_lv_s%3DFirst%2520Visit%7C1629470428650%3B%20s_nr%3D1629468628652-New%7C1802268628652%3B%20s_vnum%3D1802268628653%2526vn%253D1%7C1802268628653%3B%20s_invisit%3Dtrue%7C1629470428653%3B%20sc_visit_start%3D1%7C1629470428655%3B%20s_visitStart%3D1%7C1629470428657%3B%20s_prevPage%3Dmicrosite%253ANorthwest%2520Bank%2520Of%2520Rockford%253Abranchoffer%253Aindex%7C1629470428657%3B

46 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://branchoffer.com/html/js/jquery-migrate-1.4.1.js(Line 23) Message: JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api	log	URL: https://branchoffer.com/sap846(Line 1) Message: redirect
console-api	log	URL: https://branchoffer.com/sap846(Line 1) Message: sap846
console-api	log	URL: https://branchoffer.com/sap846(Line 1) Message: /11t2/index
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 13) Message: 1234
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 14) Message: Processing Dependency: SiteCatalyst, pageView
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 14) Message: Processing Dependency: SiteCatalyst, onClick
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 14) Message: Listener map added for 'SiteCatalyst' for following IDs: pageView onClick
console-api	log	URL: https://branchoffer.com/html/js/jquery-migrate-1.4.1.js(Line 23) Message: JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 1) Message: pbu 0477039 subbu 0000000 lc 00985
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 1) Message: logo url https://5f86b19bfd345491e541-0761b1a6395d07604af12b34740824f3.ssl.cf2.rackcdn.com0477039-lc00985-logoc.png
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 3) Message: logo url https://5f86b19bfd345491e541-0761b1a6395d07604af12b34740824f3.ssl.cf2.rackcdn.com0477039-lc00985-logoc.png
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: subbu: 0000000
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 13) Message: 1234
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: inside ready
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 14) Message: Processing Dependency: SiteCatalyst, pageView
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 14) Message: Processing Dependency: SiteCatalyst, onClick
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 14) Message: Listener map added for 'SiteCatalyst' for following IDs: pageView onClick
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 14) Message: PublishEvent Function Call Start ID:pageView
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 14) Message: [object Object]
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 35) Message: Testing
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 35) Message: [object Object]
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 36) Message: Testing1
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 38) Message: Testing2
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 41) Message: Testing3
console-api	log	URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js(Line 41) Message: [object Object]
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 285
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 179
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 285
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 179
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 285
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 179
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 285
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 179
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 285
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 179
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 2292
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 1442
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 2292
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 1442
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 2292
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 1442
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 2292
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 1442
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: width 2292
console-api	log	URL: https://branchoffer.com/11t2/index?bankercode=sap846&ecdma-lc=00985&ecid=OTHE_26646(Line 5) Message: height 1442

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' *.elanfinancialservices.com mediaserver-elan.qa.clockfour.net elancenters.webex.com;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

39f6f821fa03de239594-9f1c16ccc3b26ce57656bb4af99947b6.ssl.cf2.rackcdn.com
5f86b19bfd345491e541-0761b1a6395d07604af12b34740824f3.ssl.cf2.rackcdn.com
88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com
analytics.twitter.com
branchoffer.com
c.bing.com
cdn.quantummetric.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
match.adsrvr.org
mid.rkdms.com
pixel.rubiconproject.com
smetrics.sdcvisit.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tags.tiqcdn.com
us-u.openx.net
usbank.demdex.net
usbankmetrics.insight.omtrdc.net
www.google-analytics.com
104.244.42.67
104.75.88.194
13.36.218.177
142.250.74.194
151.101.14.49
185.64.189.110
185.94.180.126
192.243.238.253
198.61.246.11
2.18.233.89
2.18.234.21
2606:4700:10::6816:34fc
2620:1ec:c11::200
2a00:1450:4001:80f::200e
34.226.109.28
34.248.191.66
34.98.64.218
35.244.174.68
37.252.173.22
52.17.54.18
54.171.168.191
69.173.144.138
76.223.111.131
2a320c97429ea17677c89e56e26f1bebd05ba52522c7f9aa5a457e574274f44a
2c826fa850c17610d5f8a782f0ea50e2472ef5d5451b1311dbe5a19cb3725325
2e32e3ffffca6d57c942ae4908a3c313ac6c876190c0d70dcf6c71e56263d1e5
329dc5a1be6896ffda57ff80a3f28b265e8f2daa81d6035377f4fa81b9e47259
32c4802d4bca814042d6e182c7264787e9337eb8c59b74dbeb2c98c2d407cdf0
3aabd72904a559aa3347088891fdfa7512972125b7058ab989dcfb87e101306c
3bccb766aeb6d7721f0d938ba0c978dd53d5fb9f4170e6e6e32c76e5ab2f9c8b
461067e8ee661fd39768aa536701090fe098ef4f1109d57c0ca7823893d3003d
4fec136e31d15a5302e0deb9d934dc5c798dc5daaa01851b194b36a828ef2392
6bb3633419e41f3653d993bb2017c41ee44dbef16f131fa9aa3e829d3ca26f42
6c01ac5428cd685b091777bd45ac784070b870f9b5aed10a168e91d256eb5662
71a1f8c2ee13abae3d84892547eadd9d79c8daaf717e91dae1279bcaa84ac9cd
7a95e4143908b2ae1cca16b4c51dcddfc34e1549e0f74799bac2e385b0070a9c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e9058b5593088aa98a930000807981d4a0d31ce25b9f4bcf75be0fa06ef5923
80c27e47a287a2e94bb78ec5c60a6bfd3d840e61718f5a4aacd2248ec3b3783a
91c7be6d0d879a380b3bad53586f49cde3f297e4b0cf97b41e31d6e7e134dba2
96a06b6295ca49ec9528a7613135551dc2e52c5826d7c30f46d144a4126bbf62
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
c68a880944aa03082e88bbe6c7df7747ee45f506fa777e76fb41709a0ba5a935
c718b31f11b5d9b57ca0c4455aba3aba99eeb84761025c1b1072cee4d72eae06
c7eb5d6fcc73fe8b4e8d94cfbc2da435c0832d8c17aa5d1ee3345829c09902f8
ce2b80e8c57d3d26d25c324a90dac34e167e935fc82f20a02d748867855cf0bd
ce350db8e50eeea87a3c155cb0e0185da2c3429ae7ab396245fbcf8bbcc34d4b
d3e35bd4f60010059235704efac7de22540b6b5c36c8c8ea83e667df54432a6c
d921ae5398393d52a0d875c602db8e2dfc30bd5865a741cc4d24c6dc7016d646
df8ef27e7b5aa786ff7fdd828ec82eee7e4c7f41340b08eaa7ed6ab1cab65bc4
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fc6e0af6c09ee55282f65c73154602835554b1996a4eb7690715b1989bbdb507

branchoffer.com Open in urlscan Pro 198.61.246.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

13 %IPv6

21 Domains

25 Subdomains

18 IPs

6 Countries

2086 kBTransfer

5647 kBSize

3 Cookies

21 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

branchoffer.com Open in urlscan Pro
198.61.246.11 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

13 %
IPv6

21
Domains

25
Subdomains

18
IPs

6
Countries

2086 kB
Transfer

5647 kB
Size

3
Cookies

64 HTTP transactions
0 data transactions