www.bai.org Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.quantexa.com/e3t/Ctc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Zsc37CgVpCW3bL1xb5Clh...
Effective URL:
https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Co...
Submission: On July 11 via api (July 11th 2022, 7:54:37 am UTC) from SG — Scanned from DE

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 57 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.bai.org. The Cisco Umbrella rank of the primary domain is 263962.
TLS certificate: Issued by R3 on June 23rd 2022. Valid for: 3 months.

This is the only time www.bai.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67e2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
27	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
9	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:892	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:401... 2a00:1450:4014:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
57	12

2 2606:2c40::c73c:67e2 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.quantexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.bai.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.bai.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:892 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insights.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	bai.org www.bai.org — Cisco Umbrella Rank: 263962 info.bai.org — Cisco Umbrella Rank: 731265	533 KB
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	177 KB
7	googlesyndication.com 975eb5ffa048b1c41dad4ab8696090db.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	268 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	549 B
4	sitesearch360.com cdn.sitesearch360.com — Cisco Umbrella Rank: 31156 insights.sitesearch360.com — Cisco Umbrella Rank: 30815	92 KB
2	quantexa.com 1 redirects info.quantexa.com	4 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	43 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7751	792 B
57	8

	Domain	Requested by
27	www.bai.org	info.quantexa.com www.bai.org
9	securepubads.g.doubleclick.net	www.bai.org securepubads.g.doubleclick.net info.quantexa.com www.googletagservices.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.com	securepubads.g.doubleclick.net
3	cdn.sitesearch360.com	www.bai.org cdn.sitesearch360.com
2	info.quantexa.com	1 redirects
1	pagead2.googlesyndication.com	www.googletagservices.com
1	insights.sitesearch360.com	cdn.sitesearch360.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	info.bai.org	www.bai.org
0	975eb5ffa048b1c41dad4ab8696090db.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
57	13

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
www.google.com

Subject Issuer	Validity	Valid
info.quantexa.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
www.bai.org R3	`2022-06-23` - `2022-09-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
info.bai.org Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
Frame ID: E1A7D3AE806FC187890E4BD169CDAE84
Requests: 58 HTTP requests in this frame

Frame: https://975eb5ffa048b1c41dad4ab8696090db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C248C537088AB75DFA86DB47C881388
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.quantexa.com/e3t/Ctc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Z... Page URL
https://info.quantexa.com/events/public/v1/encoded/track/tc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3... HTTP 307
https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-e... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

73 %
IPv6

8
Domains

13
Subdomains

12
IPs

4
Countries

1117 kB
Transfer

3340 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjstvec_MGGBtkDOAvsKlBN_ZLAVJ7wPKr0Ut3Iw41zmgxog63b9kos10BlOMpOuk_1BlPTuOMAK-ibNPxtYcXwmAU2B1P0jAJWFL3mkpQtptCeBs5dEIn9MMqdApgGl-P-dpy8ZTgzzNlAE-GIPs_TFV7UsNuKfQfZaGYBcgCJkhevshV5cp4boqiSytIgXoQAG2JtUQ3bIAh_gtCAqGRQWCleUWRnPkvJx_u4oOAEGxmIpMOCsAeOIzvkaduq6k6_JWC8U6No9DTa_atSnlWDK-xbAPTlQI_BvbvF04TxCIo7zKYbSwt6ZERqo_GjdQM0ZsesI24UMR9wQ&sai=AMfl-YRaVFrjhBsMpgfFr7CaYvXWRMzLfp4C66GqP1OyPoVCHsek0jfIpSxAxFuvAnKwqkerBd4dfi-_9Qsl3EunTquLA_ClrTdvfTeCtZDPdVovjpSmwAoP-52qLa4rEtg&sig=Cg0ArKJSzDnlgh5EAXlg&fbs_aeid=[gw_fbsaeid]&adurl=https://info.bai.org/featured-innovation-the-rising-challenge-at-banks-engaging-dormant-customers.html%3Futm_medium%3Ddisplay%26utm_source%3Dbso%26utm_campaign%3Dfi_0622

Search URL Search Domain Scan URL

URL: https://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttps://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/%253F_hsmi%253D218932435%2526_hsenc%253Dp2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug%26gl%3DDE%26hl%3Dde%26client%3Dca-pub-0233566981405773%26ai0%3DBMyBqOdfLYpaSFMGi3gOns6-wDuqXpaBGAAAAEAEg0O2fGzgBWIeu3ciDBGCV4pCCoAeyAQt3d3cuYmFpLm9yZ7oBCWdmcF9pbWFnZcgBA9oB4AFodHRwczovL3d3dy5iYWkub3JnL2Jhbmtpbmctc3RyYXRlZ2llcy9hcnRpY2xlLWRldGFpbC93aHktYXV0b21hdGluZy1reWMtaXMtbW9yZS1jcml0aWNhbC10aGFuLWV2ZXIvP19oc21pPTIxODkzMjQzNSZfaHNlbmM9cDJBTnF0ei04cUhrd1B1OXZ4LVdtNXlYYWt3TVNSbnFJMkhCWTE1em5FemEwTmxBdGI3Y0hhcEl3MFd2c0JPd0t3azJ1WE8yRVdDUl81SmNpODV2YlVFd0pPc1hmR3R4Vnh1Z8ACAuACAOoCJS82MDc2MzIwL0JBSS1FdmVudHMtT2FnZXMtU2t5c2NyYXBlcjL4AvDRHoADAZADyAaYA6QDqAMByAOZBOAEAdIFBhDjhOrHFpAGAaAGFKgHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB4Acf0ggSCIjhgHAQARgdMgPrggE6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&usg=AOvVaw3Io2NoC98kQQBfeq-RA-p-

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.quantexa.com/e3t/Ctc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Zsc37CgVpCW3bL1xb5ClhPSW8vy3CT3qpqqQW1Ncrdz8V4RHfW1dB9Fn3w1h_9W4rdBrV5_p-7sW3rnQwp5h1pL0W4Gx8k587SG98W3VH1mX7_HVP4N3pZpRjMVvMhW8-kJkz7yG0MyW3t90y97G9ZxmW8dh2B458W4bnW6pxtzc4hW10RW2qxf6j18_7DBW38Vxyg474fYBVBSlcJ6_McZVW3zdQCp7K9xnqW92XlRv84rcqtW8kj01T1Gvf-LMPf03xTb54-N1MkQ-kZdJB9W7xRY_h34tvryN3B26bQ350SRN4x5686xQxVvW5hvBxz5bvxTkW2VFSv42DlWpZW2KCvsm5bTh5wVgg19680T_DnW5S0GWq3WV76MW197CDN3n9bLLV7HTFJ1ywptxVcBYbP3vcZmb34sn1 Page URL
https://info.quantexa.com/events/public/v1/encoded/track/tc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Zsc37CgVpCW3bL1xb5ClhPSW8vy3CT3qpqqQW1Ncrdz8V4RHfW1dB9Fn3w1h_9W4rdBrV5_p-7sW3rnQwp5h1pL0W4Gx8k587SG98W3VH1mX7_HVP4N3pZpRjMVvMhW8-kJkz7yG0MyW3t90y97G9ZxmW8dh2B458W4bnW6pxtzc4hW10RW2qxf6j18_7DBW38Vxyg474fYBVBSlcJ6_McZVW3zdQCp7K9xnqW92XlRv84rcqtW8kj01T1Gvf-LMPf03xTb54-N1MkQ-kZdJB9W7xRY_h34tvryN3B26bQ350SRN4x5686xQxVvW5hvBxz5bvxTkW2VFSv42DlWpZW2KCvsm5bTh5wVgg19680T_DnW5S0GWq3WV76MW197CDN3n9bLLV7HTFJ1ywptxVcBYbP3vcZmb34sn1?_ud=8536da24-bf53-4bf7-aea1-ba347cc3b2fa&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Zsc37CgVpCW3bL1xb5ClhPSW8vy3CT3qpqqQW1Ncrdz8V4RHfW1dB9Fn3w1h_9W4rdBrV5_p-7sW3rnQwp5h1pL0W4Gx8k587SG98W3VH1mX7_HVP4N3pZpRjMVvMhW8-kJkz7yG0MyW3t90y...
info.quantexa.com/e3t/Ctc/DL+113/cFBR404/ 10 KB
3 KB 239ms
175ms Document
text/html 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.quantexa.com/e3t/Ctc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Zsc37CgVpCW3bL1xb5ClhPSW8vy3CT3qpqqQW1Ncrdz8V4RHfW1dB9Fn3w1h_9W4rdBrV5_p-7sW3rnQwp5h1pL0W4Gx8k587SG98W3VH1mX7_HVP4N3pZpRjMVvMhW8-kJkz7yG0MyW3t90y97G9ZxmW8dh2B458W4bnW6pxtzc4hW10RW2qxf6j18_7DBW38Vxyg474fYBVBSlcJ6_McZVW3zdQCp7K9xnqW92XlRv84rcqtW8kj01T1Gvf-LMPf03xTb54-N1MkQ-kZdJB9W7xRY_h34tvryN3B26bQ350SRN4x5686xQxVvW5hvBxz5bvxTkW2VFSv42DlWpZW2KCvsm5bTh5wVgg19680T_DnW5S0GWq3WV76MW197CDN3n9bLLV7HTFJ1ywptxVcBYbP3vcZmb34sn1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 728ff8be48fc9238-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 11 Jul 2022 07:54:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 11 Jul 2022 07:54:32 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhnqHVc2XBVSNcC8rGoDlS1C7cs8LB1ZUXyg%2Bt1fN0DeFYADlmbXtxAfhAp6jnfO9A8c%2BnHfVvx2V3mniJnvdYR5AskMXOkOLh56fWXMOna5PZ9nkuAqTAklx5R%2FOEaTcrBzXZnaF1yuo1XaW05m"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: e087c8a4-34d5-4277-8180-ca33afd6a490
x-robots-tag: none

GET
H2

200

Primary Request / Show response
www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/
Redirect Chain

https://info.quantexa.com/events/public/v1/encoded/track/tc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Zsc37CgVpCW3bL1xb5ClhPSW8vy3CT3qpqqQW1Ncrdz8V4RHfW1dB9Fn3w1h_9W4rdBrV5...
https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218...

93 KB
19 KB

443ms
178ms

Document
text/html

141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email

Requested by

Host: info.quantexa.com
URL: https://info.quantexa.com/e3t/Ctc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Zsc37CgVpCW3bL1xb5ClhPSW8vy3CT3qpqqQW1Ncrdz8V4RHfW1dB9Fn3w1h_9W4rdBrV5_p-7sW3rnQwp5h1pL0W4Gx8k587SG98W3VH1mX7_HVP4N3pZpRjMVvMhW8-kJkz7yG0MyW3t90y97G9ZxmW8dh2B458W4bnW6pxtzc4hW10RW2qxf6j18_7DBW38Vxyg474fYBVBSlcJ6_McZVW3zdQCp7K9xnqW92XlRv84rcqtW8kj01T1Gvf-LMPf03xTb54-N1MkQ-kZdJB9W7xRY_h34tvryN3B26bQ350SRN4x5686xQxVvW5hvBxz5bvxTkW2VFSv42DlWpZW2KCvsm5bTh5wVgg19680T_DnW5S0GWq3WV76MW197CDN3n9bLLV7HTFJ1ywptxVcBYbP3vcZmb34sn1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

4fb75556db99a99617f59cd59824b19a2f90e09b8af474bf680d1661ab2b2a2a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://info.quantexa.com/e3t/Ctc/DL+113/cFBR404/VVwDjb1VT6R0W4kRJx41kKzD6W3Jh9SL4MdjcqN3pwdCJ5nCTJV3Zsc37CgVpCW3bL1xb5ClhPSW8vy3CT3qpqqQW1Ncrdz8V4RHfW1dB9Fn3w1h_9W4rdBrV5_p-7sW3rnQwp5h1pL0W4Gx8k587SG98W3VH1mX7_HVP4N3pZpRjMVvMhW8-kJkz7yG0MyW3t90y97G9ZxmW8dh2B458W4bnW6pxtzc4hW10RW2qxf6j18_7DBW38Vxyg474fYBVBSlcJ6_McZVW3zdQCp7K9xnqW92XlRv84rcqtW8kj01T1Gvf-LMPf03xTb54-N1MkQ-kZdJB9W7xRY_h34tvryN3B26bQ350SRN4x5686xQxVvW5hvBxz5bvxTkW2VFSv42DlWpZW2KCvsm5bTh5wVgg19680T_DnW5S0GWq3WV76MW197CDN3n9bLLV7HTFJ1ywptxVcBYbP3vcZmb34sn1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 728ff8c23a65996c-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 11 Jul 2022 07:54:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 30 Jun 2022 11:49:31 GMT
link: <https://www.bai.org/wp-json/>; rel="https://api.w.org/" <https://www.bai.org/?p=51928>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=7776000
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 30
x-cache-group: normal
x-cacheable: YES:3600.000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-powered-by: WP Engine

Redirect headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 728ff8bf7aa89238-FRA
date: Mon, 11 Jul 2022 07:54:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email>; rel="canonical"
location: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KasUou1mIrN8b%2BS1tbY5svI7a9ebfsNl8lWo93O3VWiv3%2BdPvoMhcb8OPR%2FE%2FbqtZ9M0VIbcs8HAVP6boGxE4bCL4TSr0A8LXqcfc7iY5qxfXrlTHukAC7DNeEt1UhImYObXC2H%2By2UibOSEN1jT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: a00a02b7-ca7b-4022-8631-c53982ce8483
x-robots-tag: none

GET
H2 200 style.min.css
www.bai.org/wp-includes/css/dist/block-library/ 87 KB
12 KB 46ms
43ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0

Requested by

Host: www.bai.org
URL: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 387413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Jun 2022 15:23:10 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"629a275e-15b26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c14996c-FRA

GET
H2 200 slick.css
www.bai.org/wp-content/themes/Avada-Child-Theme/slick/ 2 KB
612 B 40ms
38ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes/Avada-Child-Theme/slick/slick.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 387413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"60766843-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c19996c-FRA

GET
H2 200 slick-theme.css
www.bai.org/wp-content/themes/Avada-Child-Theme/slick/ 3 KB
977 B 38ms
36ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes/Avada-Child-Theme/slick/slick-theme.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 387413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"60766843-c49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c1b996c-FRA

GET
H2 200 style_login_widget.css
www.bai.org/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/css/ 3 KB
1 KB 40ms
38ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/css/style_login_widget.css?ver=6.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

32af1dff3fa6c5cad6e29db394ec3010672c2a04fb65d74283d93d0b32e65419

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 387413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Jun 2022 00:25:06 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"62b3b2e2-b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c1c996c-FRA

GET
H2 200 style.css
www.bai.org/wp-content/themes/Avada-Child-Theme/ 21 KB
5 KB 44ms
42ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a9ff9e63d3fe3f15e05dbf6617046a215f7aee56cf7b38af0799120c679bcad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 387413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 20 Aug 2021 18:32:23 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"611ff537-5532"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c1d996c-FRA

GET
H2 200 a1b49b64f2ee72b3554b4627f2dbafeb.min.css
www.bai.org/wp-content/uploads/fusion-styles/ 802 KB
110 KB 50ms
48ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/uploads/fusion-styles/a1b49b64f2ee72b3554b4627f2dbafeb.min.css?ver=3.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f362e60f8d601a144bc2797fdf3ebaf56d0e7518bc1539b31841fc7f158541e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 387413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 18:53:46 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"62c5da3a-c89fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c1f996c-FRA

GET
H2 200 jquery.min.js Show response
www.bai.org/wp-includes/js/jquery/ 87 KB
31 KB 45ms
44ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 385813
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"6048e0ac-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c20996c-FRA

GET
H2 200 jquery-migrate.min.js Show response
www.bai.org/wp-includes/js/jquery/ 11 KB
4 KB 43ms
42ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 385813
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5fb4e3fe-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c21996c-FRA

GET
H2 200 custom.js Show response
www.bai.org/wp-content/themes/Avada-Child-Theme/js/ 4 KB
1 KB 36ms
35ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes/Avada-Child-Theme/js/custom.js?ver=6152020

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc1d801cba73940a2ea5e573018f58da387b9d9d70b1de988be2c9dfb3a1829

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 385813
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Feb 2022 14:15:29 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"620e5881-eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c35c22996c-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 131ms
53ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1270 / 821 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Jul 2022 07:54:32 GMT

GET
H3 200 bai.png
www.bai.org/wp-content/uploads/2020/04/ 1 KB
1 KB 34ms
33ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bai.org/wp-content/uploads/2020/04/bai.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9879f2a62f9d59898e2eae1ba2ca9b9b0a9c5d2d263b9e76d7bbc8e7c3ebbcf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 174269
cf-polished: origFmt=png, origSize=1286
content-disposition: inline; filename="bai.webp"
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1150
last-modified: Wed, 14 Apr 2021 03:57:54 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766842-506"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c55d2dbbd1-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 email-decode.min.js Show response
www.bai.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
937 B 18ms
18ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Jul 2022 12:55:25 GMT
server: cloudflare
etag: W/"62c5863d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 728ff8c3cabdbbd1-FRA
vary: Accept-Encoding
expires: Wed, 13 Jul 2022 07:54:32 GMT

GET
H2 200 forms2.min.js
info.bai.org/js/forms2/js/ 206 KB
0 229ms
28ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.bai.org/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 21:04:07 GMT
server: cloudflare
age: 4717
etag: "20f6a-3391f-5e16ebec83fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
strict-transport-security: max-age=63072000;
cf-ray: 728ff8c6b9af9b4c-FRA
expires: Mon, 11 Jul 2022 11:54:33 GMT

GET
H3 200 logo-white.png
www.bai.org/wp-content/uploads/2020/04/ 574 B
964 B 39ms
39ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bai.org/wp-content/uploads/2020/04/logo-white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb790893d25c98efbc01960b0c862e16fb16ac26b0a905e74831df1779335466

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 336195
cf-polished: origFmt=png, origSize=681
content-disposition: inline; filename="logo-white.webp"
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 574
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766843-2a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c59db7bbd1-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 sitesearch360-v13.min.js Show response
cdn.sitesearch360.com/v13/ 222 KB
69 KB 158ms
25ms Script
application/javascript 2606:4700::6812:892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Requested by: Host: www.bai.org
URL: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:892 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ef6dd6a7ab11caa5cf1fb37eaf5e02bd4fdba2e29305d0e93298e1a4bbe84ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 09:18:13 GMT
server: cloudflare
age: 254167
etag: W/"37821-5e22e0cb61e71-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 728ff8c66b6a92ba-FRA
expires: Thu, 11 Aug 2022 07:54:33 GMT

GET
H3 200 slick.js Show response
www.bai.org/wp-content/themes/Avada-Child-Theme/slick/ 87 KB
16 KB 47ms
47ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes/Avada-Child-Theme/slick/slick.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391523
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"60766843-15b7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c40b24bbd1-FRA

GET
H3 200 custom_script.js Show response
www.bai.org/wp-content/themes/Avada-Child-Theme/slick/ 237 B
456 B 37ms
36ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes/Avada-Child-Theme/slick/custom_script.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1533f689e5a431f3e692fe93a9ce0fafe15dacce2bdf3a2332363dc7bef75a52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 342958
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"60766843-ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c46ba1bbd1-FRA

GET
H3 200 3a6618865c3bd2b46e2671079c83f5b5.min.js Show response
www.bai.org/wp-content/uploads/fusion-scripts/ 313 KB
79 KB 84ms
83ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/uploads/fusion-scripts/3a6618865c3bd2b46e2671079c83f5b5.min.js?ver=3.7.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

276d2960b5f0cab7eb00b26ae596940cf112edcacafb597ba556bb7407a22a86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 16:38:57 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"62bdd1a1-4e4f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c4abfebbd1-FRA

GET
H3 200 wp-emoji-release.min.js Show response
www.bai.org/wp-includes/js/ 18 KB
5 KB 33ms
33ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Jun 2022 15:23:09 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"629a275d-48b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c59dbbbbd1-FRA

GET
H3 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 89ms
29ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bai.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 11 Jul 2022 06:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Jul 2023 06:01:33 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
71 B 108ms
41ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bai.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4bd291156b55d7088fd0c018ffdddf689dd2f65bde3f759d74e6291754442af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47
x-xss-protection: 0
expires: Mon, 11 Jul 2022 07:54:33 GMT

GET
H3 200 hinted-subset-Calibre-Regular.woff2
www.bai.org/wp-content/themes//fonts/ 19 KB
19 KB 37ms
36ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes//fonts/hinted-subset-Calibre-Regular.woff2

Requested by

Host: www.bai.org
URL: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a744cfe75ef2fa1b927270935ecde0be5745cf36bb8b55923b7968af5fbb7083

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19632
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766843-4cb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c5bdecbbd1-FRA

GET
H3 200 awb-icons.woff
www.bai.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
20 KB 75ms
75ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff

Requested by

Host: www.bai.org
URL: https://www.bai.org/wp-content/uploads/fusion-styles/a1b49b64f2ee72b3554b4627f2dbafeb.min.css?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.bai.org/wp-content/uploads/fusion-styles/a1b49b64f2ee72b3554b4627f2dbafeb.min.css?ver=3.7.1
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20076
last-modified: Fri, 22 Apr 2022 18:10:05 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "6262ef7d-4e6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c5bdf3bbd1-FRA

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae22531cdc7f12a84b440802a550253017e9ddc69c58d2438da0e6ed45186836

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 /
www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/ 77 KB
77 KB 431ms
431ms Image
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: YES:3600.000
x-powered-by: WP Engine
x-cache: HIT: 31
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache-group: normal
last-modified: Thu, 30 Jun 2022 11:49:31 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600, must-revalidate
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
cf-ray: 728ff8c5de37bbd1-FRA
link: <https://www.bai.org/wp-json/>; rel="https://api.w.org/", <https://www.bai.org/?p=51928>; rel=shortlink

GET
H3 200 hinted-subset-Calibre-Semibold.woff2
www.bai.org/wp-content/themes//fonts/ 19 KB
20 KB 36ms
35ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes//fonts/hinted-subset-Calibre-Semibold.woff2

Requested by

Host: www.bai.org
URL: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdb200c95a69916e299bd758e75b950f93d917ff646d2820c0ee9078497241d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19940
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766843-4de4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c5ee47bbd1-FRA

GET
H3 200 hinted-subset-MuseoSlab-700.woff2
www.bai.org/wp-content/themes//fonts/ 21 KB
22 KB 37ms
36ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes//fonts/hinted-subset-MuseoSlab-700.woff2

Requested by

Host: www.bai.org
URL: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3479a08228c96478b49f80a0d08ef9591d4af5e9fd86dec5b54eee31a5da2074

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21920
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766843-55a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c5ee48bbd1-FRA

GET
H3 200 hinted-subset-MuseoSlab-500.woff2
www.bai.org/wp-content/themes//fonts/ 21 KB
21 KB 38ms
37ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes//fonts/hinted-subset-MuseoSlab-500.woff2

Requested by

Host: www.bai.org
URL: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

894501fdcdf4d3b565dc719e24bf5c32fc7078a5a5a4c4ffcd1ac9b2b924f457

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21472
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766843-53e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c5ee4abbd1-FRA

GET
H3 200 hinted-subset-Calibre-SemiboldItalic.woff2
www.bai.org/wp-content/themes//fonts/ 20 KB
20 KB 48ms
48ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes//fonts/hinted-subset-Calibre-SemiboldItalic.woff2

Requested by

Host: www.bai.org
URL: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

205efd42bd95c34b8411399c5d23ef9af32a7570bd2a82cc899b6528945b10fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20572
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766843-505c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c5ee4bbbd1-FRA

GET
H3 200 hinted-subset-Calibre-RegularItalic.woff2
www.bai.org/wp-content/themes//fonts/ 20 KB
20 KB 49ms
48ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes//fonts/hinted-subset-Calibre-RegularItalic.woff2

Requested by

Host: www.bai.org
URL: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c856cf2de2fc9961721ac815f1c4dcb28bfb744a9f028b6d46ca3e848312ea59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20092
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766843-4e7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c5ee4ebbd1-FRA

GET
H3 200 hinted-subset-MuseoSlab-500Italic.woff2
www.bai.org/wp-content/themes//fonts/ 21 KB
22 KB 63ms
62ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bai.org/wp-content/themes//fonts/hinted-subset-MuseoSlab-500Italic.woff2

Requested by

Host: www.bai.org
URL: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b670b94c82dd95830c6d0d374bb274beb5f5986a55d54c396b6e693a61216b59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.bai.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.0
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 342958
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22000
last-modified: Wed, 14 Apr 2021 03:57:55 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60766843-55f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c5ee63bbd1-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 123ms
59ms Script
application/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bai.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
47ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bai.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 170 KB
21 KB 92ms
91ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4428583531865342&correlator=3674720082924307&eid=44768682%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=6076320%2CBAI-Events-Pages-ResponsiveAd%2CBAI-Events-Pages-ResponsiveAd2%2CBAI-Events-Pages-SkyScraper%2CBAI-Events-Oages-Skyscraper2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C160x600%2C160x600&ifi=1&adks=1440775731%2C1212757096%2C250782459%2C375162693&sfv=1-0-38&ecs=20220711&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1657526073297&lmt=1656589771&dlt=1657526072853&idt=351&biw=1600&bih=1200&adxs=-12245933%2C-12245933%2C1209%2C1209&adys=-12245933%2C-12245933%2C234%2C864&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.bai.org%2Fbanking-strategies%2Farticle-detail%2Fwhy-automating-kyc-is-more-critical-than-ever%2F%3Futm_campaign%3DContent%2520%257C%25201LOD%2520Fraud%2520Whitepaper%2520%257C%2520Global%26utm_medium%3Demail%26_hsmi%3D218932435%26_hsenc%3Dp2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug%26utm_content%3D218932433%26utm_source%3Dhs_email&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0%7C0x0%7C151x1230%7C151x1230&msz=0x-1%7C0x-1%7C160x-1%7C160x-1&fws=132%2C132%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1392268018.1657526073&ga_sid=1657526073&ga_hid=1889363941&ga_fc=false&btvi=-1%7C-1%7C0%7C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8bea860ed783d52c3ee320c91a2bc13c6c94f662ce63a0641a7cd9221c8bebad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21670
x-xss-protection: 0
google-lineitem-id: 6055513855,6062642561,6054059418,6056215139
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138396929664,138397904427,138397379038,138396784391
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bai.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
975eb5ffa048b1c41dad4ab8696090db.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C24 0
0

GET
H3 200 Carl_Ottman-150x150.jpg
www.bai.org/wp-content/uploads/2022/06/ 3 KB
3 KB 33ms
32ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bai.org/wp-content/uploads/2022/06/Carl_Ottman-150x150.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db3bf7b0089f8afdad45c87bda143eff687485bb66181043e1a82cef5ef0fac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/banking-strategies/article-detail/why-automating-kyc-is-more-critical-than-ever/?utm_campaign=Content%20%7C%201LOD%20Fraud%20Whitepaper%20%7C%20Global&utm_medium=email&_hsmi=218932435&_hsenc=p2ANqtz-8qHkwPu9vx-Wm5yXakwMSRnqI2HBY15znEza0NlAtb7cHapIw0WvsBOwKwk2uXO2EWCR_5Jci85vbUEwJOsXfGtxVxug&utm_content=218932433&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3209
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2726
last-modified: Wed, 06 Jul 2022 16:44:35 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "62c5bbf3-aa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7776000
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 728ff8c6cfc4bbd1-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 66ms
65ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6O8LDsYdKj-Akw42fviRxH8N0BtuWSjrCbSOX7rYURnIa57rayPbGp455yOo_sG680yHBLDmNh48CCy2G5oMR_F9BqKYjwn62uJBUQLhKtsSnPap2_E84MJH-JtSn3e6Y-v7crk5Tjkwjez8VWLvVwbNfTNTYl0L2duODUSA_Io5ZmDlUY_RVG1Pfs8ojFGxqhAplLMwdEzAcKMiFyS-Hb8i-WZ6nsNW8rJH1d5THtseMt9ER8wGKHsErIb4Bg4qVZ-3EeiS7txrrn4gFy6H9pHZtNJhm4-Y-8Ai4l3emT6nMs0wYlKwxVZ6sKZlByk3Xt0cl-1MWM29JLUKj&sai=AMfl-YTYZGmSHAaucnMtFduT3l9dfsLq5JqU1e-7R3kHtzcxW46riJzMNHBBeG7yeBhmOKgeqNiSFdF0VjWMkUpiPy04Mpb5uOa2tuYxSj_gySSPtUF7umbSrn0MgdX_HpA&sig=Cg0ArKJSzCI71x7GA9l4EAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 11 Jul 2022 07:54:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ 21 KB
9 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bai.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 11 Jul 2022 07:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 07:51:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ 3 KB
1 KB 130ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 07:47:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 137 KB
43 KB 132ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bai.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Jul 2022 07:54:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 127ms
43ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSz_cKGiKdGwIdoMtnjp3k6V4Vjqz58xZjYsREbXRwvhv3C5CEurZKYynUH1_VMe6VewHw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 13029157639602434590
tpc.googlesyndication.com/simgad/ 54 KB
54 KB 129ms
47ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13029157639602434590

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5911ce91255dced70498d59bdd7ee1c72260d2591a1451f2afe1b0b6b401af53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:46:56 GMT
x-content-type-options: nosniff
age: 598057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54836
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:42:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 09:46:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 65ms
65ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstT5F820r-mO9ib6_mdcCGTzkWzxQ4QlkgT2khqoKvSFl_67AkkiigzrQDDikCjXdzfg6gNyhLVJp5oMMD5w5WaEdwRPUopHKklv-7z0wdtUm52M0Tiaf2R5BpQEJTJz2CAfO4CiNmYwDEl1L2LAWp6ygJ5tb8HUxx2_W1NYPZ0XMdEBNenTnD-ol-dlML0S9pjhpSfrcvcwImy06Kbh9dzHiEt50WT7aZHEIvzDoHMDDag7Vk8zGC16W5mlWYEas5Mm75a9uucHrNSke3wrC-Y4mq1lVffMk7nvcbwZmRCDk4UKqkDOHvgtUFIffcvruevCKAWoR63GLJRKR_rZA&sai=AMfl-YRFT981KB0rCEOkx2WHtOzf1evbbK4BseLNCDkPx1mMzrXo9aYSDC2N7I4CdQeCgxmrh5PZGqe6E0QITFnJd124vgSXojy5V6r1_tj0YRK3vUvUfbk-55KUBoRSteU&sig=Cg0ArKJSzMY7FibuWgRsEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 11 Jul 2022 07:54:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 125ms
44ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwzP_RVV4okbI0_NUVAMI3QStY8HgwSv-Bo02vKzICSTPd6mx6Nl_nAHKtmFtKKI70XoEG
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 607651441116767858
tpc.googlesyndication.com/simgad/ 56 KB
56 KB 184ms
106ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/607651441116767858

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f035760b01a6b991e4a92d6968c166cae5693bd871eb6cc10179eb2509996564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57464
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 19:01:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Jul 2023 07:54:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 67ms
66ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnydg64XWwyZYDp-Sd0lWDzq3X8QdpenmOnOBL_BEQaYzL22tZKZzg6pGhaYHBYqVWKEt6Hlblzlze9eUmN0CBpVZgQ0kbclaGeYQl5WwLMH8KlHldrC-jAnEfrzUFvI4Ld4GsdmrqVYnOvVXFM2u-S7dRlX0_ChGi5746Sa5XhApOGBsZWYibpDh5pfLEBteFSBRKa6FBxbVNiR4-bEKdFTPe-J01UUKFLAdrNSzCaNlw5mUmvpg357DXB0NHsy9ogrTTiwsVAsVJBSQDbb3ffw6-n6zfva7Q1zXQLQLfKoTntoHE7-hfn2itgNLD7Bc4auWRWEzAfYSS_w&sai=AMfl-YSbgD07wF3FiuRvBNIL6KoCoJWqLkjvxcpQIiR1NUSFFFqh-iS9UGS3-XRBQVR4iTrq2nXt9TwlS47iEP4Ao6BJ50WnOGxhHpB-fDmbQyFljKJcuKXnGF0j2qJPZLY&sig=Cg0ArKJSzJvUVdK92YYeEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 11 Jul 2022 07:54:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 121ms
44ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQubj5KmTQyUuiQ3wVQvVZFinmOoSxhXvHiprEr0NQufxaQk1o903zYwTCGyNjaFtms9JJk
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 4740794370570653892
tpc.googlesyndication.com/simgad/ 74 KB
74 KB 235ms
161ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4740794370570653892

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e9642abb62aed854b846dc32a951ba67c72bebd066eef8571d8601783295f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75923
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 20:10:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Jul 2023 07:54:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 66ms
66ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv3IzhGtDTBAoMYaEapYqr6T7Q1FGKXopPszQkSu_5eDEigFIhSUQteLlW4ChSKv844HrnNI5ExVEMXIqa45PMGpDmGnHy3_GuYfq59peKbC_kXAJ_OaxnHH087KqAEt1yXzmwVgROkOiATpR9aKykshyR64ycyX4SGvRuaIe1sOMRS6AQXTiijopW2puZqWwSjJwBZ5tZTWv3E6e9rLF60w0XVoYnCwLxIqQundD3DOfhv1URead6jxeotwEc2TO1Lv_VqVj6t08GGtLg07gG_oRyMXq8iVS-P0IE1zEflJhrDUeJDK9anfeW2NRxjJ7yeauic3u-6YS47z0&sai=AMfl-YRQcJHBq4I63kHP6tQ82XlIlPe2GXR6VB9nVXs6zzofJA49VUai81__NeWrKd3cDSCmwmTWIcBtif1ltdcxzST55vwdIHJxEV8PrF5G9aESB4E9H9C_NXAph-jAVI0&sig=Cg0ArKJSzIyfcOGbGZ8EEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 11 Jul 2022 07:54:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 186ms
113ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTY7G08jNbJznSp8ypc8NDUe-78toVUwU4AuTW0BMilbIYTwtxUL47b4w2pFTITA_Uf3GHY
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 4465120468377603381
tpc.googlesyndication.com/simgad/ 72 KB
72 KB 206ms
136ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4465120468377603381

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea96d3305c0ef5935389eb738acbafbf0f46b72280987c6ca23edbe6247c0436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73796
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 15:16:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Jul 2023 07:54:33 GMT

POST
H2 204 session Show response
insights.sitesearch360.com/insights/ 0
312 B 81ms
52ms XHR
text/plain 2606:4700::6812:892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.sitesearch360.com/insights/session?version=13.3
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:892 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bai.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow-control-allow-origin: *
access-control-allow-origin: *
allow-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cf-ray: 728ff8c78a765c2c-FRA
access-control-allow-headers: *

GET
H2 200 ss360-unibox-v13.chunk.27665f6cc18723c8c279.js Show response
cdn.sitesearch360.com/v13/ 49 KB
14 KB 53ms
53ms Script
application/javascript 2606:4700::6812:892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/ss360-unibox-v13.chunk.27665f6cc18723c8c279.js
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:892 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62db744adb365b3f34dc423c5a427500b77ecf056b541a87706dad1392e0bf35

Request headers

Referer: https://www.bai.org/
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 09:18:13 GMT
server: cloudflare
age: 533765
etag: W/"c25d-5e22e0cb69b71-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 728ff8c85bcb5c2c-FRA
expires: Thu, 11 Aug 2022 07:54:33 GMT

GET
H2 200 ss360-styles-v13.chunk.6ae25745a22b6f76ba5b.js Show response
cdn.sitesearch360.com/v13/ 35 KB
9 KB 25ms
25ms Script
application/javascript 2606:4700::6812:892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/ss360-styles-v13.chunk.6ae25745a22b6f76ba5b.js
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:892 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e4a4968e02c18d03ac98083e3fdfee6a5a2514a59d3e8474b3c5fccdb72313

Request headers

Referer: https://www.bai.org/
Origin: https://www.bai.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 07:54:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 09:18:13 GMT
server: cloudflare
age: 199585
etag: W/"8df4-5e22e0cb64d51-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 728ff8c86bcc5c2c-FRA
expires: Thu, 11 Aug 2022 07:54:33 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d2ab3f02226dae3a1b1048e8b8ec9f4348f7282f6eceea4f3d88eecbdb74cfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 69ms
69ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst72eO30PQyS78Jmw76c9dTqxQnQdFMKZoi8Rk-TGSwRBRokn8xg5KSK5bZNE-zA-u3OlgqOGIQwvGErJPzCDlmgTKRsrcmFkTFR-_jQQrlAuHs9ynPSJBpNUwaOZDdAyVkRTyAif3hN-UbQMI41jGnVLLyrJaFqNeK-3U1DX_rNKBxtyhsDS0ydeq34GcWflZy_3mZNTVGPQHDElWD9-4rjUhexfoBV2ULU915ctlFVlTEkOL00gWRxzJorif4rgqQ08kBVzdB5_rJ8P6fs-XC3BwYOLofqF6nkPSDE6sOicxB0KBcVQe5eBJWVB3r8KDJZoNrNGc4iVU69-Lgow&sai=AMfl-YQ8f9cYx0cfscd-beGEHHMeyQ5sKvRvnf-e7xAhf6F3ZiiiHz_aRBQBPevVkuIEvFncDq_ktjjD6Xa5Ubw7D5lmUNpvWVLxXR2kzBNJ_wMvmO4swEGgw8NSXuKYMOI&sig=Cg0ArKJSzAPUgVSTxEa_EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 07:54:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 11 Jul 2022 07:54:33 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
497 B 151ms
71ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvh-2DM25KWc9xoCZiKnUT20Wp-ATXCXM8SHEa-cghwFnOnZ_c8VEK7sYq1Yf9uSdKoLbtlah0inmcK6xsRCZQ4JiTtXsQILUR74qBDdaF5cMa-Ho3U&sig=Cg0ArKJSzNeNqnZndPBOEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=375162693&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657526072237&rpt=1459&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bai.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 07:54:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 975eb5ffa048b1c41dad4ab8696090db.safeframe.googlesyndication.com
URL: https://975eb5ffa048b1c41dad4ab8696090db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.quantexa.com/	1969-12-31 23:59:59	Name: __cfruid Value: 37dd591af1d706d4ef1a2a1f475657ccaa7357a4-1657526072
.bai.org/	1970-01-20 13:47:02	Name: __gads Value: ID=2dc2b866c3bcab53-224e7d5ccacd0063:T=1657526073:S=ALNI_MYr3nspiShbL8eXSIAQID35icGGpw
.info.bai.org/	1970-01-20 04:25:27	Name: __cf_bm Value: 4ZMKBekqbV5jQP5T96kuL4EK8aRTRsKJngeT.1aNXvQ-1657526073-0-AcjAbocxHkzGCuVNt6HTkNZpo5j0RK8Y/38BBuatVS8MjFEgJNAd/72N4e+uNkuXSGfRTSJKBHnaBOJRtsHZMYA=
www.bai.org/	1970-01-20 13:11:02	Name: ssi--sessionId Value: 46d170a5-8feb-7a8d-289a-4e518ac67141
www.bai.org/	1970-01-20 04:25:26	Name: ssi--lastInteraction Value: 1657526073491
.doubleclick.net/	1970-01-20 13:47:02	Name: IDE Value: AHWqTUnXnRv9prujQ42yVR1-0FdSuVepiOOr0HPotPzMyi5wugPd-J7TdFrskKoUynw

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

975eb5ffa048b1c41dad4ab8696090db.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.sitesearch360.com
info.bai.org
info.quantexa.com
insights.sitesearch360.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bai.org
www.google.com
www.googletagservices.com
975eb5ffa048b1c41dad4ab8696090db.safeframe.googlesyndication.com
104.17.70.206
141.193.213.21
142.250.185.98
2606:2c40::c73c:67e2
2606:4700::6812:892
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:82a::2002
2a00:1450:4014:80a::2002
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4
0e9642abb62aed854b846dc32a951ba67c72bebd066eef8571d8601783295f88
129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c
1533f689e5a431f3e692fe93a9ce0fafe15dacce2bdf3a2332363dc7bef75a52
1db3bf7b0089f8afdad45c87bda143eff687485bb66181043e1a82cef5ef0fac
205efd42bd95c34b8411399c5d23ef9af32a7570bd2a82cc899b6528945b10fe
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
276d2960b5f0cab7eb00b26ae596940cf112edcacafb597ba556bb7407a22a86
2f362e60f8d601a144bc2797fdf3ebaf56d0e7518bc1539b31841fc7f158541e
32af1dff3fa6c5cad6e29db394ec3010672c2a04fb65d74283d93d0b32e65419
3479a08228c96478b49f80a0d08ef9591d4af5e9fd86dec5b54eee31a5da2074
3d2ab3f02226dae3a1b1048e8b8ec9f4348f7282f6eceea4f3d88eecbdb74cfe
4a9ff9e63d3fe3f15e05dbf6617046a215f7aee56cf7b38af0799120c679bcad
4bd291156b55d7088fd0c018ffdddf689dd2f65bde3f759d74e6291754442af1
4fb75556db99a99617f59cd59824b19a2f90e09b8af474bf680d1661ab2b2a2a
5911ce91255dced70498d59bdd7ee1c72260d2591a1451f2afe1b0b6b401af53
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
62db744adb365b3f34dc423c5a427500b77ecf056b541a87706dad1392e0bf35
6ef6dd6a7ab11caa5cf1fb37eaf5e02bd4fdba2e29305d0e93298e1a4bbe84ff
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822
7fc1d801cba73940a2ea5e573018f58da387b9d9d70b1de988be2c9dfb3a1829
894501fdcdf4d3b565dc719e24bf5c32fc7078a5a5a4c4ffcd1ac9b2b924f457
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bea860ed783d52c3ee320c91a2bc13c6c94f662ce63a0641a7cd9221c8bebad
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a744cfe75ef2fa1b927270935ecde0be5745cf36bb8b55923b7968af5fbb7083
ae22531cdc7f12a84b440802a550253017e9ddc69c58d2438da0e6ed45186836
b1e4a4968e02c18d03ac98083e3fdfee6a5a2514a59d3e8474b3c5fccdb72313
b670b94c82dd95830c6d0d374bb274beb5f5986a55d54c396b6e693a61216b59
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
c856cf2de2fc9961721ac815f1c4dcb28bfb744a9f028b6d46ca3e848312ea59
c9879f2a62f9d59898e2eae1ba2ca9b9b0a9c5d2d263b9e76d7bbc8e7c3ebbcf
cdb200c95a69916e299bd758e75b950f93d917ff646d2820c0ee9078497241d2
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
ea96d3305c0ef5935389eb738acbafbf0f46b72280987c6ca23edbe6247c0436
eb790893d25c98efbc01960b0c862e16fb16ac26b0a905e74831df1779335466
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f035760b01a6b991e4a92d6968c166cae5693bd871eb6cc10179eb2509996564

www.bai.org Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

73 %IPv6

8 Domains

13 Subdomains

12 IPs

4 Countries

1117 kBTransfer

3340 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bai.org Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

73 %
IPv6

8
Domains

13
Subdomains

12
IPs

4
Countries

1117 kB
Transfer

3340 kB
Size

6
Cookies

57 HTTP transactions
2 data transactions