pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev Open in urlscan Pro
2606:4700::6812:323 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Effective URL:
https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Submission: On March 18 via api (March 18th 2024, 1:12:38 pm UTC) from IN — Scanned from DE

Summary HTTP 27 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 27 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.

This is the only time pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	104.18.191.234 104.18.191.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:310... 2a02:26f0:3100:782::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.33.187.121 13.33.187.121	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 4	52.50.105.129 52.50.105.129	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.203.57 104.16.203.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.17.54.105 52.17.54.105	16509 (AMAZON-02) (AMAZON-02)
27	11

8 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.191.234 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login.secure.investec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3100:782::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-121.fra60.r.cloudfront.net

dok.js-cdn.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.50.105.129 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-105-129.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
investec.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.203.57 (None, )

ASN13335 (CLOUDFLARENET, US)

smetrics.investec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.54.105 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-54-105.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	r2.dev pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev	50 KB
7	investec.com 1 redirects login.secure.investec.com smetrics.investec.com	214 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 245 investec.demdex.net	5 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 390 fonts.googleapis.com — Cisco Umbrella Rank: 38	32 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 429	73 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1277	517 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2754	154 B
1	gstatic.com fonts.gstatic.com	46 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 840	7 KB
1	dynatrace.com dok.js-cdn.dynatrace.com — Cisco Umbrella Rank: 94308	85 KB
27	10

	Domain	Requested by
8	pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev	pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev dok.js-cdn.dynatrace.com
6	login.secure.investec.com	1 redirects pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
3	dpm.demdex.net	1 redirects pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
3	assets.adobedtm.com	pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
2	fonts.googleapis.com	login.secure.investec.com
1	cm.everesttech.net	1 redirects
1	smetrics.investec.com	dok.js-cdn.dynatrace.com
1	investec.demdex.net	assets.adobedtm.com
1	api.ipify.org	dok.js-cdn.dynatrace.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
1	static.cloudflareinsights.com	pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
1	dok.js-cdn.dynatrace.com	pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
27	13

This site contains links to these domains. Also see Links.

Domain
login.secure.investec.com

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
login.secure.investec.com Corporation Service Company RSA OV SSL CA	`2024-02-14` - `2025-03-09`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
dok.js-cdn.dynatrace.com Amazon RSA 2048 M03	`2023-09-27` - `2024-10-25`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
ipify.org GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
smetrics.investec.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Frame ID: 777584E61C889EF22D90A41349A04705
Requests: 26 HTTP requests in this frame

Frame: https://investec.demdex.net/dest5.html?d_nsid=0
Frame ID: AE453FFDEFCEE83533ECF0E20FAECBD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Investec Online

Page URL History Show full URLs

http://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html HTTP 307
https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

89 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

11
IPs

4
Countries

512 kB
Transfer

1184 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://login.secure.investec.com/usrroot-wpaas/login/forgot-password-decider
Title: Forgot your password?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html HTTP 307
https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://login.secure.investec.com/wpaas/main.41ca1150b6378845.css HTTP 302
https://login.secure.investec.com/wpaas

Request Chain 17

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1710767554278 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1710767554278

Request Chain 22

https://cm.everesttech.net/cm/dd?d_uuid=02233261464256679871955339400240012703 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zfg9wgAAAGwBogNx

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
Redirect Chain

http://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

17 KB
17 KB

210ms
105ms

Document
text/html

2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdb3577f23368a69bdd3b7ad3d6a9593ecc9ddac6458caaf4be4a9cb0400bf16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
CF-RAY: 8665799aef314db1-FRA
Connection: keep-alive
Content-Length: 16908
Content-Type: text/html
Date: Mon, 18 Mar 2024 13:12:33 GMT
ETag: "83c542374ae8f09f61083954fd8ac116"
Last-Modified: Mon, 04 Mar 2024 19:39:46 GMT
Server: cloudflare
Vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Non-Authoritative-Reason: HSTS

GET
H2 200 styles.23ddb869fbf80654.css
login.secure.investec.com/wpaas/ 325 KB
47 KB 354ms
225ms Stylesheet
text/css 104.18.191.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.secure.investec.com/wpaas/styles.23ddb869fbf80654.css

Requested by

Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.191.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba4eb95d508dac3d681b877bfafb4b3ce9fc7fd9d3f5d7064ded0f648248fa57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: Strict-origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=utf-8
feature-policy: none
wpaas-v: 1.4
cf-ray: 8665799c5a87bf60-WAW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2

200

wpaas
login.secure.investec.com/
Redirect Chain

https://login.secure.investec.com/wpaas/main.41ca1150b6378845.css
https://login.secure.investec.com/wpaas

0
0

133ms
131ms

Stylesheet
text/html

104.18.191.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.secure.investec.com/wpaas
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: H2
Server: 104.18.191.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date: Mon, 18 Mar 2024 13:12:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: Accept-Encoding
location: https://login.secure.investec.com/wpaas
wpaas-v: 1.4
cf-ray: 8665799c5a82bf60-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 425ms
275ms Script
application/x-javascript 2a02:26f0:3100:782::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:782::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Mon, 18 Mar 2024 14:12:34 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 217ms
67ms Script
application/x-javascript 2a02:26f0:3100:782::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:782::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Mon, 18 Mar 2024 14:12:34 GMT

GET
H2 200 logo.svg
login.secure.investec.com/wpaas/assets/images/ 5 KB
2 KB 275ms
159ms Image
image/svg+xml 104.18.191.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.secure.investec.com/wpaas/assets/images/logo.svg

Requested by

Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.191.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fa335f35b1d8a35c572945e667fe7383fb027bd360a9ce18d13204e399072e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: Strict-origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
feature-policy: none
wpaas-v: 1.4
cf-ray: 8665799c6a8cbf60-WAW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 zebra-login.png
login.secure.investec.com/usrroot-wpaas/assets/login/ 162 KB
162 KB 301ms
173ms Image
image/png 104.18.191.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.secure.investec.com/usrroot-wpaas/assets/login/zebra-login.png

Requested by

Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.191.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

264ca5e79817a8ed09cbea5ed49144aaaafa6645993a3766bf3d1e3d2036cc69

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.secure.investec.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://*.secure.investec.com
no-spoon: active
if-modified-since: 0
alt-svc: h3=":443"; ma=86400
content-length: 165580
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: Strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
feature-policy: none
cf-ray: 8665799c5a8abf60-WAW
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 icon-link-new.svg
login.secure.investec.com/usrroot-wpaas/assets/login/ 2 KB
1 KB 285ms
157ms Image
image/svg+xml 104.18.191.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.secure.investec.com/usrroot-wpaas/assets/login/icon-link-new.svg

Requested by

Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.191.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a47b58e667b50e6de7a469828f6e1b66943786a03827e636f424c5b34e458d0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.secure.investec.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://*.secure.investec.com
content-encoding: gzip
no-spoon: active
if-modified-since: 0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: Strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
feature-policy: none
cf-ray: 8665799c5a89bf60-WAW
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 launch-38900d9ae841.min.js Show response
assets.adobedtm.com/a89ee39ef745/f31034c8fe25/ 217 KB
59 KB 218ms
68ms Script
application/x-javascript 2a02:26f0:3100:782::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a89ee39ef745/f31034c8fe25/launch-38900d9ae841.min.js
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:782::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e25ef1a3c6c3a76af19f94f3730f0f0b28cdf75bc05d3347965775a0d9f6e732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
content-encoding: gzip
last-modified: Mon, 15 Jan 2024 13:44:03 GMT
server: AkamaiNetStorage
etag: "5acc7b54969bc7d9f601d53635370438:1705326243.587794"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 60277
expires: Mon, 18 Mar 2024 14:12:34 GMT

GET
H2 200 a33f90684cc7f616_complete.js Show response
dok.js-cdn.dynatrace.com/jstag/17dc3dca4c8/bf84987nrs/ 221 KB
85 KB 156ms
48ms Script
application/javascript 13.33.187.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dok.js-cdn.dynatrace.com/jstag/17dc3dca4c8/bf84987nrs/a33f90684cc7f616_complete.js

Requested by

Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-121.fra60.r.cloudfront.net

Software

Resource Hash

ff456cdd8ec8a64532d51ffe6d74686cc31fc821e34e766f46de359b90ebc7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
Origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:05:35 GMT
content-encoding: gzip
via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-cf-pop: FRA60-P9
traceresponse: 00-57a5f14f89383be46f62ed097059c87f-2e0105a1f89e95d4-01
age: 418
x-cache: Hit from cloudfront
x-oneagent-js-injection: true
traffic-source: UNKNOWN
dynatrace-response-id: 72VF999KGGEU
dynatrace-response-source: Cluster
x-dt-tracestate: 67e0a59d-8e83bf33@dt
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
timing-allow-origin: *
x-amz-cf-id: J_X72V2sb_0KMJwVXocXAlqbsop1qoTvta3uiJPA0o0H0KzbfL5b3g==
expires: Mon, 18 Mar 2024 14:05:35 GMT

GET
H/1.1 404
Not Found runtime.c1411f2a2fb6c6b8.js
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/ 0
0 95ms
95ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/runtime.c1411f2a2fb6c6b8.js
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 13:12:33 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 8665799b9ff64db1-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found polyfills.14c40b9e436ac7c7.js
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/ 0
0 170ms
83ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/polyfills.14c40b9e436ac7c7.js
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 13:12:33 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 8665799c1962bb7f-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found styles.5e1fe922a868e98b.js
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/ 0
0 188ms
101ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/styles.5e1fe922a868e98b.js
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 13:12:33 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 8665799c1bf33a82-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found main.027257fc130ccd66.js
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/ 0
0 254ms
84ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/main.027257fc130ccd66.js
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 13:12:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 8665799ca9f0bb7f-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 166ms
80ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
Origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:33 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8665799c2ca19043-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 10:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 10:13:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
821 B 151ms
64ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: login.secure.investec.com
URL: https://login.secure.investec.com/wpaas/styles.23ddb869fbf80654.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.secure.investec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 13:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 12:42:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 13:12:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 842 B
819 B 150ms
63ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Caslon+Text&display=swap

Requested by

Host: login.secure.investec.com
URL: https://login.secure.investec.com/wpaas/styles.23ddb869fbf80654.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8afc54f9a7119ee37c994cd65c37475f9394319e8d0aee36dcdfee25ce220b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.secure.investec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 13:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 12:42:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 13:12:34 GMT

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1710767554278
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1710767554278

367 B
931 B

59ms
59ms

XHR
application/json

52.50.105.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1710767554278

Requested by

Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

Protocol

Server

52.50.105.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-105-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9483ee9ac52b8fd5a4cec9f10c66040b7d56fb91da99f0a063a3ec286eb034a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v058-07546f2cb.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 18 Mar 2024 13:12:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: v/Y3AJ85S8E=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 308
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v058-084f524ed.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 18 Mar 2024 13:12:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: aEkEvU8VQOg=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1710767554278
access-control-allow-origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 08:52:40 GMT
x-content-type-options: nosniff
age: 533994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 08:52:40 GMT

GET
H2 200 / Show response
api.ipify.org/ 21 B
154 B 287ms
199ms XHR
application/json 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: dok.js-cdn.dynatrace.com
URL: https://dok.js-cdn.dynatrace.com/jstag/17dc3dca4c8/bf84987nrs/a33f90684cc7f616_complete.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 022e8f3d4025683154125cfbaa3f875010c3608dbc95787f7acf421c6cadfe1e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 8665799fbdcf9170-FRA
content-length: 21

GET
H2 200 dest5.html Show response
investec.demdex.net/ Frame AE45 7 KB
3 KB 65ms
56ms Document
text/html 52.50.105.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://investec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a89ee39ef745/f31034c8fe25/launch-38900d9ae841.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.50.105.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-105-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 18 Mar 2024 13:12:34 GMT
dcs: dcs-prod-irl1-1-v058-05729155a.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 6 Mar 2024 12:59:33 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: 5Cen0JucQgE=

GET
H2 200 id Show response
smetrics.investec.com/ 48 B
771 B 320ms
181ms XHR
application/x-javascript 104.16.203.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.investec.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=38AC7FBA57E2AF467F000101%40AdobeOrg&mid=02663186182936113281984271584232568652&ts=1710767554521

Requested by

Host: dok.js-cdn.dynatrace.com
URL: https://dok.js-cdn.dynatrace.com/jstag/17dc3dca4c8/bf84987nrs/a33f90684cc7f616_complete.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.203.57 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e42bcb04ae24d9e7df2b94de86cd880e7c27499d3306530b556f5ec7c4b271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Mar 2024 13:12:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy"
alt-svc: h3=":443"; ma=86400
content-length: 48
x-xss-protection: 1; mode=block
server: cloudflare
vary: Origin, Accept-Encoding
test-header-country: DE
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 866579a0bc623bc4-WAW

GET
H2

200

ibs:dpid=411&dpuuid=Zfg9wgAAAGwBogNx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=02233261464256679871955339400240012703
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zfg9wgAAAGwBogNx

42 B
715 B

61ms
61ms

Image
image/gif

52.50.105.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zfg9wgAAAGwBogNx

Requested by

Host: pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html

Protocol

Server

52.50.105.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-105-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v058-0c45ccf25.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 18 Mar 2024 13:12:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: yJpy9ZklRE4=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zfg9wgAAAGwBogNx
Date: Mon, 18 Mar 2024 13:12:34 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H/1.1 200
OK rum Show response
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/cdn-cgi/ 0
219 B 42ms
42ms XHR
text/plain 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/cdn-cgi/rum?

Requested by

Host: dok.js-cdn.dynatrace.com
URL: https://dok.js-cdn.dynatrace.com/jstag/17dc3dca4c8/bf84987nrs/a33f90684cc7f616_complete.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

x-dtpc: -45$167554388_810h5vMVBUOUCUMLUKDKICVMGCCPKPCIWUPLPK-0e0
Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: application/json

Response headers

Date: Mon, 18 Mar 2024 13:12:34 GMT
X-Content-Type-Options: nosniff
Server: cloudflare
Connection: keep-alive
CF-RAY: 866579a1ecae18fd-FRA
Transfer-Encoding: chunked
X-Frame-Options: DENY

POST
H/1.1 401
Unauthorized rb_bf84987nrs Show response
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/ 16 KB
17 KB 57ms
57ms Fetch
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/rb_bf84987nrs?type=js3&sn=v_4_srv_-2D45_sn_I57NMVJF1R2TPMJCFPPDFS4P13OEO0AR&svrid=-45&flavor=post&vi=MVBUOUCUMLUKDKICVMGCCPKPCIWUPLPK-0&modifiedSince=1710413732070&rf=https%3A%2F%2Fpub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev%2Findex.html&bp=3&app=a33f90684cc7f616&crc=1705502693&en=kzcggbo1&end=1
Requested by: Host: dok.js-cdn.dynatrace.com
URL: https://dok.js-cdn.dynatrace.com/jstag/17dc3dca4c8/bf84987nrs/a33f90684cc7f616_complete.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72220408b3a3a351433a4cc02b8d3dea31bf8b6955e11d5baa7fb5655cacbe7

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 18 Mar 2024 13:12:36 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 866579a90db918fd-FRA
Content-Length: 16794
Vary: Accept-Encoding
Content-Type: text/html

POST
H/1.1 401
Unauthorized rb_bf84987nrs Show response
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/ 16 KB
17 KB 55ms
54ms Fetch
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/rb_bf84987nrs?type=js3&sn=v_4_srv_-2D45_sn_I57NMVJF1R2TPMJCFPPDFS4P13OEO0AR&svrid=-45&flavor=post&vi=MVBUOUCUMLUKDKICVMGCCPKPCIWUPLPK-0&modifiedSince=1710413732070&rf=https%3A%2F%2Fpub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev%2Findex.html&bp=3&app=a33f90684cc7f616&crc=162130415&en=kzcggbo1&end=1
Requested by: Host: dok.js-cdn.dynatrace.com
URL: https://dok.js-cdn.dynatrace.com/jstag/17dc3dca4c8/bf84987nrs/a33f90684cc7f616_complete.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72220408b3a3a351433a4cc02b8d3dea31bf8b6955e11d5baa7fb5655cacbe7

Request headers

Referer: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 18 Mar 2024 13:12:38 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 866579b5ad2018fd-FRA
Content-Length: 16794
Vary: Accept-Encoding
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secure.investec.com/	1970-01-20 19:12:49	Name: __cf_bm Value: 2blWfalPPWeccXO.Cg6c32GVnqkgvxfbqZ5iUl9UT_U-1710767554-1.0.1.1-UrIR29qejY4l2ceDGkNHVJZJdbHwghKaz0XGOJzJaZsV_80QzhkYcEmFmD4qCVom_X1Dze5GqNi4OaS38ZR.KQ
.pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D45_sn_I57NMVJF1R2TPMJCFPPDFS4P13OEO0AR
.pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/	1970-01-21 04:48:47	Name: rxVisitor Value: 17107675543892LRFDQ22MQ28GK923LTMVNPKFUBN4AU3
.demdex.net/	1970-01-20 23:31:59	Name: demdex Value: 02233261464256679871955339400240012703
.pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/	1969-12-31 23:59:59	Name: AMCVS_38AC7FBA57E2AF467F000101%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 03:58:23	Name: everest_g_v2 Value: g_surferid~Zfg9wgAAAGwBogNx
.dpm.demdex.net/	1970-01-20 23:31:59	Name: dpm Value: 02233261464256679871955339400240012703
.investec.com/	1970-01-21 04:48:47	Name: s_ecid Value: MCMID%7C02663186182936113281984271584232568652
.investec.com/	1970-01-20 19:12:49	Name: __cf_bm Value: 15ARYfNZtYoOeJncqGMytUpMSECLFJZckpesHxB9iSA-1710767554-1.0.1.1-me0LVzt49Gh9hDc.3xit04SS3BBtoTZNd40e5IN5rubEnrrb6nbf5H41rNH4Zbh1BU.yER318Nyb3Me0nE1Oog
.pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/	1969-12-31 23:59:59	Name: rxvt Value: 1710769354844\|1710767554390
.pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/	1970-01-21 04:48:47	Name: AMCV_38AC7FBA57E2AF467F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C19801%7CMCMID%7C02663186182936113281984271584232568652%7CMCAAMLH-1711372354%7C6%7CMCAAMB-1711372354%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1710774754s%7CNONE%7CMCSYNCSOP%7C411-19808%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/	1969-12-31 23:59:59	Name: dtPC Value: -45$167554388_810h-vMVBUOUCUMLUKDKICVMGCCPKPCIWUPLPK-0e0

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/runtime.c1411f2a2fb6c6b8.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/polyfills.14c40b9e436ac7c7.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/styles.5e1fe922a868e98b.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/main.027257fc130ccd66.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/rb_bf84987nrs?type=js3&sn=v_4_srv_-2D45_sn_I57NMVJF1R2TPMJCFPPDFS4P13OEO0AR&svrid=-45&flavor=post&vi=MVBUOUCUMLUKDKICVMGCCPKPCIWUPLPK-0&modifiedSince=1710413732070&rf=https%3A%2F%2Fpub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev%2Findex.html&bp=3&app=a33f90684cc7f616&crc=1705502693&en=kzcggbo1&end=1 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev/rb_bf84987nrs?type=js3&sn=v_4_srv_-2D45_sn_I57NMVJF1R2TPMJCFPPDFS4P13OEO0AR&svrid=-45&flavor=post&vi=MVBUOUCUMLUKDKICVMGCCPKPCIWUPLPK-0&modifiedSince=1710413732070&rf=https%3A%2F%2Fpub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev%2Findex.html&bp=3&app=a33f90684cc7f616&crc=162130415&en=kzcggbo1&end=1 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipify.org
assets.adobedtm.com
cm.everesttech.net
dok.js-cdn.dynatrace.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
investec.demdex.net
login.secure.investec.com
pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev
smetrics.investec.com
static.cloudflareinsights.com
104.16.203.57
104.18.191.234
104.26.12.205
13.33.187.121
2606:4700::6810:5049
2606:4700::6812:323
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81d::200a
2a02:26f0:3100:782::1e80
52.17.54.105
52.50.105.129
022e8f3d4025683154125cfbaa3f875010c3608dbc95787f7acf421c6cadfe1e
264ca5e79817a8ed09cbea5ed49144aaaafa6645993a3766bf3d1e3d2036cc69
2fa335f35b1d8a35c572945e667fe7383fb027bd360a9ce18d13204e399072e0
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529
77e42bcb04ae24d9e7df2b94de86cd880e7c27499d3306530b556f5ec7c4b271
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
9483ee9ac52b8fd5a4cec9f10c66040b7d56fb91da99f0a063a3ec286eb034a6
a47b58e667b50e6de7a469828f6e1b66943786a03827e636f424c5b34e458d0e
b8afc54f9a7119ee37c994cd65c37475f9394319e8d0aee36dcdfee25ce220b9
ba4eb95d508dac3d681b877bfafb4b3ce9fc7fd9d3f5d7064ded0f648248fa57
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
e25ef1a3c6c3a76af19f94f3730f0f0b28cdf75bc05d3347965775a0d9f6e732
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72220408b3a3a351433a4cc02b8d3dea31bf8b6955e11d5baa7fb5655cacbe7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdb3577f23368a69bdd3b7ad3d6a9593ecc9ddac6458caaf4be4a9cb0400bf16
ff456cdd8ec8a64532d51ffe6d74686cc31fc821e34e766f46de359b90ebc7de

pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev Open in urlscan Pro 2606:4700::6812:323 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

89 %HTTPS

50 %IPv6

10 Domains

13 Subdomains

11 IPs

4 Countries

512 kBTransfer

1184 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

pub-9875efe3f1ea4f90a1a7697c689cebad.r2.dev Open in urlscan Pro
2606:4700::6812:323 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

89 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

11
IPs

4
Countries

512 kB
Transfer

1184 kB
Size

12
Cookies

27 HTTP transactions
0 data transactions