urlscan.io logo urlscan.io
SecurityTrails logo

45.9.20.146 Open in urlscan Pro
45.9.20.146  Public Scan

Go To Rescan Add Verdict Report
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Submission: On December 02 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 8 countries across 23 domains to perform 48 HTTP transactions. The main IP is 45.9.20.146, located in Russian Federation and belongs to INTEMMSK-AS, RU. The main domain is 45.9.20.146.
This is the only time 45.9.20.146 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 45.9.20.146 60930 (INTEMMSK-AS)
3 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
1 184.24.19.240 16625 (AKAMAI-AS)
1 15 54.171.82.61 16509 (AMAZON-02)
1 34.253.95.191 16509 (AMAZON-02)
1 13.36.218.177 16509 (AMAZON-02)
1 1 34.248.191.66 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 3 185.33.220.244 29990 (ASN-APPNEX)
1 67.202.105.22 32748 (STEADFAST)
2 3 142.250.185.162 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 199.38.167.128 54312 (ROCKETFUEL)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 34.247.104.176 16509 (AMAZON-02)
1 1 3.124.210.90 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
2 2 143.204.98.82 16509 (AMAZON-02)
2 2 52.17.84.146 16509 (AMAZON-02)
8 8 151.101.2.49 54113 (FASTLY)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 2.21.141.232 16625 (AKAMAI-AS)
1 34.98.64.218 15169 (GOOGLE)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 1 51.222.80.231 16276 (OVH)
48 16
18    45.9.20.146 (Russian Federation)

ASN60930 (INTEMMSK-AS, RU)
45.9.20.146
3    2a02:26f0:fb:59a::51e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmtags.scotiabank.com
1    184.24.19.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-19-240.deploy.static.akamaitechnologies.com
auth.scotiaonline.scotiabank.com
15    54.171.82.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.253.95.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-95-191.eu-west-1.compute.amazonaws.com
scotiabank.demdex.net
1    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
somniture.scotiabank.com
1    34.248.191.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp2.33across.com
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
2    2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)
navdmp.com
cdn.navdmp.com
1    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
ml314.com
1    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
ads.scorecardresearch.com
2    52.17.84.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
8    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
Domain Requested by
15 dpm.demdex.net 1 redirects
8 sync-tm.everesttech.net 8 redirects
3 cm.g.doubleclick.net 2 redirects
3 ib.adnxs.com 2 redirects
3 dmtags.scotiabank.com 45.9.20.146
dmtags.scotiabank.com
2 sync.search.spotxchange.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 sync.crwdcntrl.net 2 redirects
2 ads.scorecardresearch.com 2 redirects
2 match.adsrvr.org 2 redirects
1 pixel.onaudience.com 1 redirects
1 www.facebook.com
1 image2.pubmatic.com
1 us-u.openx.net
1 pixel.rubiconproject.com
1 cms.analytics.yahoo.com 1 redirects
1 ps.eyeota.net 1 redirects
1 ml314.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 cdn.navdmp.com
1 navdmp.com 1 redirects
1 dp2.33across.com
1 sync.mathtag.com 1 redirects
1 cm.everesttech.net 1 redirects
1 somniture.scotiabank.com dmtags.scotiabank.com
1 scotiabank.demdex.net dmtags.scotiabank.com
1 auth.scotiaonline.scotiabank.com 45.9.20.146
48 28

This site contains links to these domains. Also see Links.

Domain
www.scotiabank.com
assets.kampyle.com
Subject Issuer Validity Valid
apps.scotiabank.com
Entrust Certification Authority - L1K		 2020-08-21 -
2022-11-20		 2 years crt.sh
auth.scotiabank.com
Entrust Certification Authority - L1K		 2020-02-27 -
2022-02-27		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
somniture.scotiabank.com
Entrust Certification Authority - L1K		 2020-07-29 -
2022-09-29		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh

This page contains 2 frames:

Primary Page: http://45.9.20.146/11/en/qa.php?&question=hello;
Frame ID: 5F5D30432487198B896BCD83DE92F15C
Requests: 25 HTTP requests in this frame

Frame: https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: CEAFFC6DA39145710CD4177424FD5FF1
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Security questions | ScotiabankScotiabankScotiabank

Page Statistics

48
Requests

15 %
HTTPS

14 %
IPv6

23
Domains

28
Subdomains

16
IPs

8
Countries

113 kB
Transfer

339 kB
Size

34
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1638407446001 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1638407446001
Request Chain 24
  • https://cm.everesttech.net/cm/dd?d_uuid=34534605539883921381794962710168867781 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YagdFgAAAKm3rAQf
Request Chain 25
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=34534605539883921381794962710168867781&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d34534605539883921381794962710168867781 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=88e561a8-1d16-4200-8b1c-5a5fb1a56603&ddsuuid=34534605539883921381794962710168867781
Request Chain 26
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=2122558802926753419
Request Chain 28
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQ1MzQ2MDU1Mzk4ODM5MjEzODE3OTQ5NjI3MTAxNjg4Njc3ODE= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzQ1MzQ2MDU1Mzk4ODM5MjEzODE3OTQ5NjI3MTAxNjg4Njc3ODE=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFPrjdl_c4_YP0oND6apWU0&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 29
  • https://navdmp.com/req?adID=34534605539883921381794962710168867781 HTTP 301
  • https://cdn.navdmp.com/req?adID=34534605539883921381794962710168867781
Request Chain 30
  • https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=970033152042850019
Request Chain 31
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=b06b1e13-ef60-43d4-b06e-1766f36a8b7c
Request Chain 32
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=GDJ0kB9nJJ8DMiPKHWY4nEhldMkDZiWRGTOwPbwp
Request Chain 33
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623406490667188238
Request Chain 34
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=34534605539883921381794962710168867781&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 35
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=34534605539883921381794962710168867781&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-AQl46wpE2pE7ll5Tuo3cbIGTo9bZpVH7t4c-~A
Request Chain 36
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=34534605539883921381794962710168867781&rn=1638407446173&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D34534605539883921381794962710168867781 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=34534605539883921381794962710168867781&rn=1638407446173&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D34534605539883921381794962710168867781 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=34534605539883921381794962710168867781
Request Chain 37
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=34534605539883921381794962710168867781?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=34534605539883921381794962710168867781?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f0ad4a7b8f09658ff050c1c3ac8f2e17
Request Chain 38
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWFnZEZnQUFBS20zckFRZg==
Request Chain 39
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YagdFgAAAKm3rAQf&expires=90
Request Chain 40
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YagdFgAAAKm3rAQf HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YagdFgAAAKm3rAQf&C=1
Request Chain 41
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YagdFgAAAKm3rAQf
Request Chain 42
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YagdFgAAAKm3rAQf
Request Chain 43
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YagdFgAAAKm3rAQf
Request Chain 44
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YagdFgAAAKm3rAQf&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YagdFgAAAKm3rAQf&img=1&__user_check__=1&sync_id=af100680-530c-11ec-892c-1984e64b0406
Request Chain 45
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YagdFgAAAKm3rAQf&t=2592000&o=0
Request Chain 46
  • https://pixel.onaudience.com/?partner=130&mapped=34534605539883921381794962710168867781&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request qa.php
45.9.20.146/11/en/ 		67 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f4b4866351dbf2a71bbfde72c1d52b974138945792437a8eaaca5351232cf09d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
14595
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
launch-edbf66c903b6.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/ 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a02:26f0:fb:59a::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cc86cf5dc3e4783dec807d1e8b3c1f0ab4cafaedd701b74c03cfd026749bfd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Oct 2021 22:50:51 GMT
Server
nginx
ETag
W/"617734cb-37885"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
5f0e225c-d0fb-42ca-5842-10073c862131
Connection
keep-alive
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
61353
9b91de7ea9dc512e23c6a392c85ead8e.svg
auth.scotiaonline.scotiabank.com/assets/ 		960 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.scotiaonline.scotiabank.com/assets/9b91de7ea9dc512e23c6a392c85ead8e.svg
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
184.24.19.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-19-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
753fd36f50bef7225753d1dffbafa60b0139262166f8505dadfdc12fed8bf958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 01:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
content-language
de-DE
x-vcap-request-id
11b89bab-fcbd-432b-4449-033404779352
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-type
image/svg+xml
content-length
510
x-xss-protection
1; mode=block
styles.06910ad24a7613712b21.css
45.9.20.146/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/styles.06910ad24a7613712b21.css
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
15243e297f5364bd59f4088a864abbf7.woff
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/15243e297f5364bd59f4088a864abbf7.woff
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
fd1c0f449fc8540f82c47e1629cbd5dd.woff2
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/fd1c0f449fc8540f82c47e1629cbd5dd.woff2
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
00cecde981e3ef7491eba946f4b95fe0.woff
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/00cecde981e3ef7491eba946f4b95fe0.woff
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
8fd30bd010d9e2c7677ec339685f958b.woff
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/8fd30bd010d9e2c7677ec339685f958b.woff
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
resource-loader.js
45.9.20.146/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/resource-loader.js
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
runtime.61d06c57e5caa9ba6f16.js
45.9.20.146/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/runtime.61d06c57e5caa9ba6f16.js
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
main.1e4669a9f173eb18cfe7.chunk.js
45.9.20.146/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/main.1e4669a9f173eb18cfe7.chunk.js
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
dH48FCYB
45.9.20.146/tk6GPdLQ/BN25KDi/5YbpFjw/Ss/uaEit8fr/SyYxWAA-BA/DmVT/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/tk6GPdLQ/BN25KDi/5YbpFjw/Ss/uaEit8fr/SyYxWAA-BA/DmVT/dH48FCYB
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
a214561fc17b4b34b7a363dea6547e20.woff
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/a214561fc17b4b34b7a363dea6547e20.woff
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
3ca6c3facf3966b88b55118f7821ee72.woff2
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/3ca6c3facf3966b88b55118f7821ee72.woff2
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
64a8523319c68ca5e492309a68af4a9e.woff2
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/64a8523319c68ca5e492309a68af4a9e.woff2
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
runtime.61d06c57e5caa9ba6f16.js
45.9.20.146/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/runtime.61d06c57e5caa9ba6f16.js
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:45 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
50805f331bb1b697aafb6f0c28b09212.woff2
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/50805f331bb1b697aafb6f0c28b09212.woff2
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:46 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
b80f217d987e2499bbeda3a508530b4f.ttf
45.9.20.146/assets/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/assets/b80f217d987e2499bbeda3a508530b4f.ttf
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
Origin
http://45.9.20.146
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:46 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1638407446001
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1638407446001
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1638407446001
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
75f18ca27586aa031f4ad5b9af6c30d852d1c87303192c728a21b4ee101f98c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v020-0de6beb68.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
0aUMifXOT2E=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://45.9.20.146
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1599
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v020-0eba5c95e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
http://45.9.20.146
X-TID
fCEjayFxTqw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1638407446001
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/181ee72fc5a6/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/181ee72fc5a6/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a02:26f0:fb:59a::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Oct 2021 22:50:12 GMT
Server
nginx
ETag
W/"617734a4-82b6"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
9a5c5af4-a864-461f-76c1-6c2f0a557171
Connection
keep-alive
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
12184
AppMeasurement_Module_ActivityMap.min.js
dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/181ee72fc5a6/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/181ee72fc5a6/hostedLibFiles/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a02:26f0:fb:59a::51e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Oct 2021 22:50:12 GMT
Server
nginx
ETag
W/"617734a4-ce7"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
39ed4ca2-b064-4055-4849-206ac3bc52af
Connection
keep-alive
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
1594
main.1e4669a9f173eb18cfe7.chunk.js
45.9.20.146/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/main.1e4669a9f173eb18cfe7.chunk.js
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:46 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
dH48FCYB
45.9.20.146/tk6GPdLQ/BN25KDi/5YbpFjw/Ss/uaEit8fr/SyYxWAA-BA/DmVT/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://45.9.20.146/tk6GPdLQ/BN25KDi/5YbpFjw/Ss/uaEit8fr/SyYxWAA-BA/DmVT/dH48FCYB
Requested by
Host: 45.9.20.146
URL: http://45.9.20.146/11/en/qa.php?&question=hello;
Protocol
HTTP/1.1
Server
45.9.20.146 , Russian Federation, ASN60930 (INTEMMSK-AS, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/11/en/qa.php?&question=hello;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:46 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
dest5.html
scotiabank.demdex.net/ Frame CEAF 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scotiabank.demdex.net/dest5.html?d_nsid=0
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.95.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-95-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Thu, 2 Dec 2021 01:10:46 GMT
DCS
dcs-prod-irl1-1-v020-0eb3097bc.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 26 Nov 2021 14:01:17 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
rxU+9zfuTno=
Content-Length
2791
Connection
keep-alive
id
somniture.scotiabank.com/ 		48 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://somniture.scotiabank.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=0AAF22CE52827A080A490D4D%40AdobeOrg&mid=25220083633931166321583626864686087895&ts=1638407446203
Requested by
Host: dmtags.scotiabank.com
URL: https://dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/launch-edbf66c903b6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
5b4473e8e999fe46f4063c3ebf14c91e568a5e9d5e2859355bc7e68e8864d97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://45.9.20.146/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Dec 2021 01:10:46 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-6988cccb6f-szlq9
vary
Origin
x-c
main-1542.If2e2aa.M0-523
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://45.9.20.146
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YagdFgAAAKm3rAQf
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=34534605539883921381794962710168867781
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YagdFgAAAKm3rAQf
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YagdFgAAAKm3rAQf
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://45.9.20.146/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v020-036d02c2f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
XPeWviyEQRw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YagdFgAAAKm3rAQf
Date
Thu, 02 Dec 2021 01:10:46 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ibs:dpid=269&dpuuid=88e561a8-1d16-4200-8b1c-5a5fb1a56603&ddsuuid=34534605539883921381794962710168867781
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=34534605539883921381794962710168867781&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d34534605539883...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=88e561a8-1d16-4200-8b1c-5a5fb1a56603&ddsuuid=34534605539883921381794962710168867781
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=88e561a8-1d16-4200-8b1c-5a5fb1a56603&ddsuuid=34534605539883921381794962710168867781
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v020-06ab4b237.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rIXK4xNARH0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Thu, 02 Dec 2021 01:10:46 GMT
Server
MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=88e561a8-1d16-4200-8b1c-5a5fb1a56603&ddsuuid=34534605539883921381794962710168867781
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 02 Dec 2021 01:10:45 GMT
ibs:dpid=358&dpuuid=2122558802926753419
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=2122558802926753419
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2122558802926753419
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v020-0fa79362f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
GrJ57vthReM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 01:10:46 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8592d863-aae5-4df6-beca-40c8d455f709
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2122558802926753419
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
dp2.33across.com/ps/ Frame CEAF 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dp2.33across.com/ps/?pid=897&random=2101644856
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-33x-status
208
date
Thu, 02 Dec 2021 01:10:46 GMT
server
33XP004
ibs:dpid=771&dpuuid=CAESEFPrjdl_c4_YP0oND6apWU0&google_cver=1
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQ1MzQ2MDU1Mzk4ODM5MjEzODE3OTQ5NjI3MTAxNjg4Njc3ODE=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzQ1MzQ2MDU1Mzk4ODM5MjEzODE3OTQ5NjI3MTAxNjg4Njc3ODE=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFPrjdl_c4_YP0oND6apWU0&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFPrjdl_c4_YP0oND6apWU0&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v020-073f15a69.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jRQ9OokuQog=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFPrjdl_c4_YP0oND6apWU0&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
req
cdn.navdmp.com/ Frame CEAF
Redirect Chain
  • https://navdmp.com/req?adID=34534605539883921381794962710168867781
  • https://cdn.navdmp.com/req?adID=34534605539883921381794962710168867781
6 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.navdmp.com/req?adID=34534605539883921381794962710168867781
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 01:10:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b70ad713f6b42d5-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript

Redirect headers

location
https://cdn.navdmp.com/req?adID=34534605539883921381794962710168867781
date
Thu, 02 Dec 2021 01:10:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b70ad6e7c2042d5-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html
ibs:dpid=1121&dpuuid=970033152042850019
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=7085
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=970033152042850019
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=970033152042850019
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v020-0da0896ee.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Yd9pRJwFT1E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=970033152042850019
Date
Thu, 02 Dec 2021 01:10:47 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=903&dpuuid=b06b1e13-ef60-43d4-b06e-1766f36a8b7c
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=b06b1e13-ef60-43d4-b06e-1766f36a8b7c
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=b06b1e13-ef60-43d4-b06e-1766f36a8b7c
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v020-073f15a69.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sAQ9UwYbS6I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=b06b1e13-ef60-43d4-b06e-1766f36a8b7c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
ibs:dpid=1175&gdpr=0&dpuuid=GDJ0kB9nJJ8DMiPKHWY4nEhldMkDZiWRGTOwPbwp
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=GDJ0kB9nJJ8DMiPKHWY4nEhldMkDZiWRGTOwPbwp
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=GDJ0kB9nJJ8DMiPKHWY4nEhldMkDZiWRGTOwPbwp
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v020-07b9393dd.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KxBzm3ZgSEo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=GDJ0kB9nJJ8DMiPKHWY4nEhldMkDZiWRGTOwPbwp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ibs:dpid=22052&dpuuid=3623406490667188238
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623406490667188238
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623406490667188238
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v020-03c8181d1.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
J2/Y9CFdTsE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 01:10:46 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623406490667188238
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
185
Expires
0,Thu, 02 Dec 2021 20:10:47 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=34534605539883921381794962710168867781&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v020-0794474a8.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
5YFp2YUjQV4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Thu, 02 Dec 2021 01:10:47 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ibs:dpid=30646
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=34534605539883921381794962710168867781&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-AQl46wpE2pE7ll5Tuo3cbIGTo9bZpVH7t4c-~A
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-AQl46wpE2pE7ll5Tuo3cbIGTo9bZpVH7t4c-~A
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v020-05033b576.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Z/OoxtqMQvI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 02 Dec 2021 01:10:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-AQl46wpE2pE7ll5Tuo3cbIGTo9bZpVH7t4c-~A
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
ibs:dpid=73426&dpuuid=34534605539883921381794962710168867781
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=34534605539883921381794962710168867781&rn=1638407446173&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D345346055398839...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=34534605539883921381794962710168867781&rn=1638407446173&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D34534605539883...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=34534605539883921381794962710168867781
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=34534605539883921381794962710168867781
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v020-0c8503a2f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ydr/B5MoT2A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 02 Dec 2021 01:10:47 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=34534605539883921381794962710168867781
content-length
105
x-amz-cf-id
MeQo_wV9S6sm8sfEhEWJOzVmTSWF1PE-p5j4gg0g3YLnxRWqojbCVw==
ibs:dpid=121998&dpuuid=f0ad4a7b8f09658ff050c1c3ac8f2e17
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=34534605539883921381794962710168867781?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=34534605539883921381794962710168867781?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f0ad4a7b8f09658ff050c1c3ac8f2e17
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f0ad4a7b8f09658ff050c1c3ac8f2e17
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v020-097a3bdec.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
I8YBebSdRrA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f0ad4a7b8f09658ff050c1c3ac8f2e17
cache-control
no-cache
x-server
10.45.20.170
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame CEAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWFnZEZnQUFBS20zckFRZg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWFnZEZnQUFBS20zckFRZg==
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638407448.711690,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWFnZEZnQUFBS20zckFRZg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame CEAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YagdFgAAAKm3rAQf&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YagdFgAAAKm3rAQf&expires=90
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638407448.780718,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YagdFgAAAKm3rAQf&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame CEAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YagdFgAAAKm3rAQf
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YagdFgAAAKm3rAQf&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YagdFgAAAKm3rAQf&C=1
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 01:10:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Dec 2021 01:10:47 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 01:10:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YagdFgAAAKm3rAQf&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Thu, 02 Dec 2021 01:10:47 GMT
setuid
ib.adnxs.com/ Frame CEAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YagdFgAAAKm3rAQf
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YagdFgAAAKm3rAQf
Protocol
HTTP/1.1
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 01:10:47 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ab5dc186-8ac4-4d4e-ac19-ce09a6166780
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638407448.982037,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YagdFgAAAKm3rAQf
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame CEAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YagdFgAAAKm3rAQf
43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YagdFgAAAKm3rAQf
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:48 GMT
via
1.1 google
server
OXGW/16.221.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638407448.083967,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YagdFgAAAKm3rAQf
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame CEAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YagdFgAAAKm3rAQf
1 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YagdFgAAAKm3rAQf
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 01:10:46 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:381
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638407448.183556,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YagdFgAAAKm3rAQf
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame CEAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YagdFgAAAKm3rAQf&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YagdFgAAAKm3rAQf&img=1&__user_check__=1&sync_id=af100680-530c-11ec-892c-1984e64b0406
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YagdFgAAAKm3rAQf&img=1&__user_check__=1&sync_id=af100680-530c-11ec-892c-1984e64b0406
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 01:10:48 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
120
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 02 Dec 2021 01:10:48 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YagdFgAAAKm3rAQf&img=1&__user_check__=1&sync_id=af100680-530c-11ec-892c-1984e64b0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
114
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame CEAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YagdFgAAAKm3rAQf&t=2592000&o=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YagdFgAAAKm3rAQf&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 17:10:48 PST
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
TdlgTi7Lge8YDbPiTWsZcEF8xeVuPaYMhv6GKD5j/OThukSKrVUaEqvY4IYkh8OhXFjNzGgCfs1h8Nj83b68zQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
expires
Wed, 01 Dec 2021 17:10:48 PST

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 01:10:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638407448.385489,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YagdFgAAAKm3rAQf&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame CEAF
Redirect Chain
  • https://pixel.onaudience.com/?partner=130&mapped=34534605539883921381794962710168867781&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
42 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Protocol
HTTP/1.1
Server
54.171.82.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-82-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scotiabank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v020-059091c9d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300,104
X-TID
pks9ausuSqk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length
0

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| process object| LD_CONFIG object| savedUsers object| REDUX_STATE object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| webpackJsonp object| appEventData number| _dataLayerOverwriteMonitor object| antiClickjack function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s

34 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 34534605539883921381794962710168867781
45.9.20.146/ Name: AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YagdFgAAAKm3rAQf
.dpm.demdex.net/ Name: dpm
Value: 34534605539883921381794962710168867781
45.9.20.146/ Name: AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C18964%7CMCMID%7C25220083633931166321583626864686087895%7CMCAAMLH-1639012246%7C6%7CMCAAMB-1639012246%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1638414646s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18971%7CvVersion%7C5.2.0
.mathtag.com/ Name: uuid
Value: 88e561a8-1d16-4200-8b1c-5a5fb1a56603
.adnxs.com/ Name: uuid2
Value: 2122558802926753419
.doubleclick.net/ Name: IDE
Value: AHWqTUm4sTYsRd9y6efg8FZiQ4_sHu6YcIi-9PJKNmpYqsbCVdYa5iR3e-wt_Fe-Ct8
.adsrvr.org/ Name: TDID
Value: b06b1e13-ef60-43d4-b06e-1766f36a8b7c
.quantserve.com/ Name: d
Value: EKABDAHuJLmvYA
.quantserve.com/ Name: mc
Value: 61a81d17-16b3e-4ffaa-e0970
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI1IuArdPOmjoQBRgFIAEoAjILCISJ1tnpzpo6EAU4AQ..
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjQ3MDA2NjQ1MjAxsjA1MDC0FOIz1A3NjzBMyknxSzcpjQcAms1EayQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFxGtoZmxhYmBuYmJuaG4KAI_HnnkQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjQ3MDA2NjQ1MjAxsjA1MDC0FOIz1A3NjzBMyknxSzcpjZfiNTQztjAxMDcxMTc0NwEAV4lFPTMAAAA
.eyeota.net/ Name: SERVERID
Value: 16449~DM
.yahoo.com/ Name: A3
Value: d=AQABBBcdqGECEEE2SljoFDAKYFWlfR6If-4&S=AQAAAnes96lya8CJ2_9XjW5bmTc
.scorecardresearch.com/ Name: UID
Value: 1L6QJ6BV5EDXIWJHDIE7EGg1638407448
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: f0ad4a7b8f09658ff050c1c3ac8f2e17
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDNITDFJNE%2BySDOwNDO1SEszMDVINkw2Tky2SDNKNTRnAILEFbLiIBoKAF5vCn0%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIXCErDqSgAAAQQQE%2B"
.casalemedia.com/ Name: CMID
Value: YagdF-E.CUpNoP597hSmiAAA
.casalemedia.com/ Name: CMPS
Value: 3165
.casalemedia.com/ Name: CMPRO
Value: 1205
.casalemedia.com/ Name: CMST
Value: YagdF2GoHRcA
.casalemedia.com/ Name: CMRUM3
Value: 5861a81d172760YagdFgAAAKm3rAQf
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2GVUgGRj^!]tbPl1MwL(!R7qUY$*oLE^v@YWJX1^(XW9D'.s)Brpz6/X%W#.wL5oa9/sZwfzrV6SBWd<wEexQ67Oe!@Gy+*Ma@*
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YagdFgAAAKm3rAQf&KRTB&22978-YagdFgAAAKm3rAQf&KRTB&23194-YagdFgAAAKm3rAQf&KRTB&23209-YagdFgAAAKm3rAQf
.pubmatic.com/ Name: PugT
Value: 1638407446
.pubmatic.com/ Name: PUBMDCID
Value: 3
.spotxchange.com/ Name: audience
Value: af100635-530c-11ec-892c-1984e64b0406
.demdex.net/ Name: dextp
Value: 269-1-1638407446365|358-1-1638407446466|601-1-1638407446567|771-1-1638407446668|822-1-1638407446769|1121-1-1638407446869|903-1-1638407446970|1175-1-1638407447071|22052-1-1638407447172|30064-1-1638407447273|30646-1-1638407447374|73426-1-1638407447475|121998-1-1638407447576|144230-1-1638407447677|144231-1-1638407447777|144232-1-1638407447878|144233-1-1638407447979|144234-1-1638407448080|144235-1-1638407448180|144236-1-1638407448281|144237-1-1638407448382|161033-1-1638407448483
.onaudience.com/ Name: cookie
Value: 6c011d9876a08020

17 Console Messages

Source Level URL
Text
network error URL: http://45.9.20.146/assets/fd1c0f449fc8540f82c47e1629cbd5dd.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/assets/15243e297f5364bd59f4088a864abbf7.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/assets/00cecde981e3ef7491eba946f4b95fe0.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/runtime.61d06c57e5caa9ba6f16.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/styles.06910ad24a7613712b21.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/resource-loader.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/assets/8fd30bd010d9e2c7677ec339685f958b.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/assets/a214561fc17b4b34b7a363dea6547e20.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/assets/3ca6c3facf3966b88b55118f7821ee72.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/assets/64a8523319c68ca5e492309a68af4a9e.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/tk6GPdLQ/BN25KDi/5YbpFjw/Ss/uaEit8fr/SyYxWAA-BA/DmVT/dH48FCYB
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/main.1e4669a9f173eb18cfe7.chunk.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/runtime.61d06c57e5caa9ba6f16.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/assets/b80f217d987e2499bbeda3a508530b4f.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/assets/50805f331bb1b697aafb6f0c28b09212.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/main.1e4669a9f173eb18cfe7.chunk.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://45.9.20.146/tk6GPdLQ/BN25KDi/5YbpFjw/Ss/uaEit8fr/SyYxWAA-BA/DmVT/dH48FCYB
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.scorecardresearch.com
auth.scotiaonline.scotiabank.com
cdn.navdmp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dmtags.scotiabank.com
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
ml314.com
navdmp.com
p.rfihub.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
ps.eyeota.net
scotiabank.demdex.net
somniture.scotiabank.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
us-u.openx.net
www.facebook.com
13.36.218.177
142.250.185.162
143.204.98.82
151.101.2.49
184.24.19.240
185.29.132.241
185.33.220.244
185.64.189.110
185.94.180.126
199.38.167.128
2.21.141.232
212.82.100.182
2606:4700::6810:df3
2620:116:800d:21:ee05:6a01:4b41:8c89
2a02:26f0:fb:59a::51e
2a03:2880:f12d:83:face:b00c:0:25de
3.124.210.90
34.247.104.176
34.248.191.66
34.253.95.191
34.98.64.218
35.71.131.137
45.9.20.146
51.222.80.231
52.17.84.146
54.171.82.61
67.202.105.22
69.173.144.165
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b4473e8e999fe46f4063c3ebf14c91e568a5e9d5e2859355bc7e68e8864d97b
753fd36f50bef7225753d1dffbafa60b0139262166f8505dadfdc12fed8bf958
75f18ca27586aa031f4ad5b9af6c30d852d1c87303192c728a21b4ee101f98c6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cc86cf5dc3e4783dec807d1e8b3c1f0ab4cafaedd701b74c03cfd026749bfd88
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b4866351dbf2a71bbfde72c1d52b974138945792437a8eaaca5351232cf09d