m.singlepoint.usbank.com Open in urlscan Pro
104.90.151.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://m.singlepoint.usbank.com/
Effective URL:
https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
Submission: On May 23 via automatic, source certstream-suspicious (May 23rd 2022, 6:33:04 pm UTC) — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 6 countries across 16 domains to perform 35 HTTP transactions. The main IP is 104.90.151.119, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is m.singlepoint.usbank.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on February 28th 2022. Valid for: a year.

This is the only time m.singlepoint.usbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	104.90.151.119 104.90.151.119	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	34.249.171.10 34.249.171.10	16509 (AMAZON-02) (AMAZON-02)
4	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	52.17.114.133 52.17.114.133	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.128.161 34.246.128.161	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7 7	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	23.35.228.247 23.35.228.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	34.204.120.207 34.204.120.207	14618 (AMAZON-AES) (AMAZON-AES)
35	16

13 104.90.151.119 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-151-119.deploy.static.akamaitechnologies.com

m.singlepoint.usbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.249.171.10 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-171-10.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.114.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

usbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.usbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.128.161 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-128-161.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.66.49 (United States) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.90 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.120.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-120-207.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	usbank.com 1 redirects m.singlepoint.usbank.com smetrics.usbank.com — Cisco Umbrella Rank: 33431	483 KB
8	everesttech.net 8 redirects cm.everesttech.net — Cisco Umbrella Rank: 1058 sync-tm.everesttech.net — Cisco Umbrella Rank: 572	1 KB
7	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214 usbank.demdex.net — Cisco Umbrella Rank: 18819	10 KB
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5637	25 KB
3	doubleclick.net 1 redirects fls.doubleclick.net — Cisco Umbrella Rank: 459 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	2 KB
2	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 1159	71 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 518	1 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557	2 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 330	833 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 932	451 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 399	275 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	239 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 232	539 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 338	265 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 534	355 B
35	16

	Domain	Requested by
13	m.singlepoint.usbank.com	1 redirects m.singlepoint.usbank.com
7	sync-tm.everesttech.net	7 redirects
6	dpm.demdex.net	1 redirects m.singlepoint.usbank.com
4	mpsnare.iesnare.com	m.singlepoint.usbank.com mpsnare.iesnare.com
2	mid.rkdms.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	cm.g.doubleclick.net	1 redirects
2	idsync.rlcdn.com	2 redirects
2	smetrics.usbank.com	m.singlepoint.usbank.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	c.bing.com	1 redirects
1	match.adsrvr.org
1	analytics.twitter.com
1	cm.everesttech.net	1 redirects
1	usbank.demdex.net	m.singlepoint.usbank.com
1	fls.doubleclick.net	m.singlepoint.usbank.com
35	20

This site contains no links.

Subject Issuer	Validity	Valid
www.usbank.com Entrust Certification Authority - L1M	`2022-02-28` - `2023-03-27`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2022-04-29` - `2023-05-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.usbank.com Entrust Certification Authority - L1K	`2022-03-28` - `2023-04-27`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
Frame ID: 4B45297512BC2E3F7F9B43047BFBF3A1
Requests: 21 HTTP requests in this frame

Frame: https://usbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 8ABFB1AC9ED3116A956210012A54B587
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mobile SinglePoint

Page URL History Show full URLs

https://m.singlepoint.usbank.com/ Page URL
https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logout.do?source=index HTTP 302
https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Floodlight (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://fls\.doubleclick\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

63 %
HTTPS

5 %
IPv6

16
Domains

20
Subdomains

16
IPs

6
Countries

521 kB
Transfer

542 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://m.singlepoint.usbank.com/ Page URL
https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logout.do?source=index HTTP 302
https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1653330781768 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1653330781768

Request Chain 17

https://cm.everesttech.net/cm/dd?d_uuid=06408372811282709753899351862016160930 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YovTXgAAAK9d_gNx

Request Chain 21

https://idsync.rlcdn.com/365868.gif?partner_uid=06408372811282709753899351862016160930 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMDY0MDgzNzI4MTEyODI3MDk3NTM4OTkzNTE4NjIwMTYxNjA5MzAQABoNCN6mr5QGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=c150b5ebf38271ea7a6e2745becb1f8d2f0a9ea7a3ee85c2dbc9ce40b730a60db0da87c991749652

Request Chain 22

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDY0MDgzNzI4MTEyODI3MDk3NTM4OTkzNTE4NjIwMTYxNjA5MzA= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELz385YFxxaO21mB8t6FnFA&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 25

https://c.bing.com/c.gif?uid=06408372811282709753899351862016160930&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3134E6BC33B0670A2503F71132DB66DB

Request Chain 26

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WW92VFhnQUFBSzlkX2dOeA==

Request Chain 27

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YovTXgAAAK9d_gNx&expires=90

Request Chain 28

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YovTXgAAAK9d_gNx HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YovTXgAAAK9d_gNx&C=1

Request Chain 29

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YovTXgAAAK9d_gNx HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYovTXgAAAK9d_gNx

Request Chain 30

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YovTXgAAAK9d_gNx

Request Chain 31

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YovTXgAAAK9d_gNx

Request Chain 32

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YovTXgAAAK9d_gNx&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YovTXgAAAK9d_gNx&img=1&__user_check__=1&sync_id=c8019658-dac6-11ec-91ae-1fe3cd8f0206

Request Chain 33

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=06408372811282709753899351862016160930&_ct=img HTTP 302
https://mid.rkdms.com/restricted

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
m.singlepoint.usbank.com/ 2 KB
1 KB 3177ms
685ms Document
text/html 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 709
Content-Type: text/html
Date: Mon, 23 May 2022 18:33:00 GMT
ETag: "0391f635fb3d01:0"
Last-Modified: Tue, 30 Jun 2015 18:05:46 GMT
Server
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Powered-By: ASP.NET

GET
H/1.1

200
OK

Primary Request logon Show response
m.singlepoint.usbank.com/spt_mobile_web/sbb/
Redirect Chain

https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logout.do?source=index
https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

5 KB
3 KB

509ms
509ms

Document
text/html

104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0 ASP.NET

Resource Hash

5e0b26d8accd0d2a02d8f71862d2ef12254673a2ef260688134cc5897aa79291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://m.singlepoint.usbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 2038
Content-Type: text/html; charset=ISO-8859-1
Date: Mon, 23 May 2022 18:33:01 GMT
Expires: -1
Pragma: no-cache
Server
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: Servlet/3.0 ASP.NET

Redirect headers

Cache-Control: no-cache="set-cookie, set-cookie2"
Connection: keep-alive
Content-Language: en-US
Content-Length: 0
Date: Mon, 23 May 2022 18:33:00 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
Server
Strict-Transport-Security: max-age=31536000
X-Powered-By: Servlet/3.0 ASP.NET

GET
H/1.1 200
OK visitorapi.js Show response
m.singlepoint.usbank.com/spt_mobile_web/js/adobeanalytics/ 44 KB
45 KB 201ms
200ms Script
application/javascript 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/js/adobeanalytics/visitorapi.js

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0, ASP.NET

Resource Hash

715ad0c7a175bd2d42439cf3dea8985cf0dafda7a74a3013d7b97e400cee3f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Jul 2021 15:54:06 GMT
Server
X-Powered-By: Servlet/3.0, ASP.NET
Content-Language: en-US
Date: Mon, 23 May 2022 18:33:01 GMT
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 45473

GET
H/1.1 200
OK touchscreen.css
m.singlepoint.usbank.com/spt_mobile_web/css/ 2 KB
906 B 123ms
109ms Stylesheet
text/css 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/css/touchscreen.css

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0, ASP.NET

Resource Hash

3892dd174c1e9551f111b43b55ce9e5a8af1f4e069e7289a5fec2039e42115b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 15:54:04 GMT
Server
X-Powered-By: Servlet/3.0, ASP.NET
Vary: Accept-Encoding
Content-Language: en-US
Date: Mon, 23 May 2022 18:33:01 GMT
Connection: keep-alive
Content-Type: text/css
Content-Length: 558

GET
H/1.1 200
OK main.js Show response
m.singlepoint.usbank.com/spt_mobile_web/js/ 1 KB
2 KB 145ms
131ms Script
application/javascript 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/js/main.js

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0, ASP.NET

Resource Hash

0b5c0a5a250daf3ba9747608624395ac97b595e9148ee181ad24f6e7c48aa7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Jul 2021 15:54:06 GMT
Server
X-Powered-By: Servlet/3.0, ASP.NET
Content-Language: en-US
Date: Mon, 23 May 2022 18:33:01 GMT
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 1468

GET
H/1.1 200
OK jquery.js Show response
m.singlepoint.usbank.com/spt_mobile_web/js/ 271 KB
272 KB 181ms
159ms Script
application/javascript 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/js/jquery.js

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0, ASP.NET

Resource Hash

3e3db2d89f0b40b86f49403aae0b06e061a9f8ffaf9804f8dcaf0a72090d894d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Jul 2021 15:54:06 GMT
Server
X-Powered-By: Servlet/3.0, ASP.NET
Content-Language: en-US
Date: Mon, 23 May 2022 18:33:01 GMT
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 277980

GET
H/1.1 200
OK fba.js Show response
m.singlepoint.usbank.com/spt_mobile_web/js/iovation/ 1 KB
2 KB 167ms
145ms Script
application/javascript 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/js/iovation/fba.js

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0, ASP.NET

Resource Hash

b1f42715d8eda2c8875cdb07d69f573dbbcdf4dab64263a5b92a9f8dca2342b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Jul 2021 15:54:06 GMT
Server
X-Powered-By: Servlet/3.0, ASP.NET
Content-Language: en-US
Date: Mon, 23 May 2022 18:33:01 GMT
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 1363

GET
H/1.1 200
OK iovation.js Show response
m.singlepoint.usbank.com/spt_mobile_web/js/iovation/ 47 KB
48 KB 182ms
159ms Script
application/javascript 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/js/iovation/iovation.js

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0, ASP.NET

Resource Hash

760d0de0f1bdaa91f91b55b8118e979b9a82e9b9c8458ea5d7916adbcf0e49ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Jul 2021 15:54:06 GMT
Server
X-Powered-By: Servlet/3.0, ASP.NET
Content-Language: en-US
Date: Mon, 23 May 2022 18:33:01 GMT
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 48526

GET
H/1.1 200
OK appmeasurement.js Show response
m.singlepoint.usbank.com/spt_mobile_web/js/adobeanalytics/ 100 KB
100 KB 205ms
83ms Script
application/javascript 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/js/adobeanalytics/appmeasurement.js

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0, ASP.NET

Resource Hash

ade9550e2192553a327d227ebf0ad259d7e041184831e135711e82b43184317a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Jul 2021 15:54:06 GMT
Server
X-Powered-By: Servlet/3.0, ASP.NET
Content-Language: en-US
Date: Mon, 23 May 2022 18:33:01 GMT
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 101935

GET
H/1.1 200
OK usbank.gif
m.singlepoint.usbank.com/spt_mobile_web/img/ 1 KB
2 KB 109ms
109ms Image
image/gif 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.singlepoint.usbank.com/spt_mobile_web/img/usbank.gif

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-151-119.deploy.static.akamaitechnologies.com

Software

/ Servlet/3.0, ASP.NET

Resource Hash

b4879a8983f4fcbc9e1c2a5fca70eb33d703deac4fa408fbd606f13db7666b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Jul 2021 15:54:06 GMT
Server
X-Powered-By: Servlet/3.0, ASP.NET
Content-Language: en-US
Date: Mon, 23 May 2022 18:33:01 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1430

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1653330781768
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1653330781768

3 KB
2 KB

33ms
33ms

XHR
application/json

34.249.171.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1653330781768

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Server

34.249.171.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-171-10.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bd44042b9d1ebbc6e9828678d05a73f8b3510e81a572ef2f650ffbfaf75f8af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v031-05ef3562a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: om+61L7OQIU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://m.singlepoint.usbank.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1154
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v031-0213cbb87.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://m.singlepoint.usbank.com
X-TID: ko+vilEHQEw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1653330781768
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK dyn_wdp.js Show response
m.singlepoint.usbank.com/iojs/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ 2 KB
3 KB 116ms
115ms Script
text/javascript 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.singlepoint.usbank.com/iojs/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/js/iovation/iovation.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-151-119.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cd170cc65c7e37dad47967035d4545055106f1b7491d3db33c87de8e283aa431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:33:01 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 2532
Expires: 0

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ 49 KB
22 KB 355ms
90ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/js/iovation/iovation.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a805ac046ccd50c8fc886fa94c53ba9a28ecfbc0766c5c12a42c075b751e643f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:33:02 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H2 200 json Show response
fls.doubleclick.net/ 40 B
719 B 340ms
41ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fls.doubleclick.net/json?spot=3033967&src=1521091&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=2835394945655

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/js/adobeanalytics/appmeasurement.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60
x-xss-protection: 0
pragma: no-cache
server: cafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 297ms
34ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.25266294210512724

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2bbccdee5b547f79a2dde74ba4eb646cfbfe6228fc49340dd485069c3ff681d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://m.singlepoint.usbank.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 23 May 2022 18:33:02 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK logo.js Show response
m.singlepoint.usbank.com/iojs/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ 477 B
858 B 262ms
262ms Script
text/javascript 104.90.151.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.singlepoint.usbank.com/iojs/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/logo.js
Requested by: Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/js/iovation/iovation.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.90.151.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-151-119.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 422994071fe5da24dbd729a96b55a32c44a659704066b5a7e0b7c94098c7e8e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:33:02 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 477
Expires: Tue, 23 May 2023 18:33:02 GMT

GET
H/1.1 200
OK dest5.html Show response
usbank.demdex.net/ Frame 8ABF 7 KB
3 KB 237ms
33ms Document
text/html 52.17.114.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usbank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/js/adobeanalytics/visitorapi.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://m.singlepoint.usbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v031-059bc47c2.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: i91HOuDATNY=
content-encoding: gzip
date: Mon, 23 May 2022 18:33:02 GMT
last-modified: Wed, 27 Apr 2022 09:30:08 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.usbank.com/ 48 B
514 B 229ms
16ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.usbank.com/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=675616D751E567410A490D4C%40AdobeOrg&mid=06150884386351704713922857833859510906&ts=1653330782001

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/js/adobeanalytics/visitorapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a13bacc5c6a5cb44b31cb40861a15f73f5e7837ff8d950b18f1160d9b48a6bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.singlepoint.usbank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 May 2022 18:33:02 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-df488f754-rv85p
vary: Origin
x-c: main-1645.Id526ce.M0-571
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://m.singlepoint.usbank.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YovTXgAAAK9d_gNx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=06408372811282709753899351862016160930
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YovTXgAAAK9d_gNx

42 B
945 B

44ms
43ms

Image
image/gif

34.249.171.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YovTXgAAAK9d_gNx

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Server

34.249.171.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-171-10.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-0b4a9e24c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /Xt+H9oiSGA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YovTXgAAAK9d_gNx
Date: Mon, 23 May 2022 18:33:02 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ 477 B
905 B 32ms
32ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/5.2.2/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

665b1683a3658b17113047b828eb05efa12279d40a8d84b305154f58e7413c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:33:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Tue, 23 May 2023 18:33:02 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 38ms
37ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.26271219743944524

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/sbb/logon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2bbccdee5b547f79a2dde74ba4eb646cfbfe6228fc49340dd485069c3ff681d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://m.singlepoint.usbank.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 23 May 2022 18:33:02 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s6775320762948 Show response
smetrics.usbank.com/b/ss/usbankcom/10/JS-2.5.0/ 3 KB
3 KB 42ms
42ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.usbank.com/b/ss/usbankcom/10/JS-2.5.0/s6775320762948?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=23%2F4%2F2022%2018%3A33%3A2%201%200&d.&nsid=0&jsonv=1&.d&mid=06150884386351704713922857833859510906&aamlh=6&ce=UTF-8&ns=usbank&g=https%3A%2F%2Fm.singlepoint.usbank.com%2Fspt_mobile_web%2Fsbb%2Flogon&r=https%3A%2F%2Fm.singlepoint.usbank.com%2F&c.&vidAPICheck=VisitorAPI%20Present&et_dimensions=1600x1200&et_width=1600&et_orientation=landscape&EVENTS=event17%2Cevent15%2C&.c&cc=USD&events=event17%2Cevent15&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c3=D%3Dv3&v3=New&c4=1%3A30PM&c6=Monday&c7=5%2F23%2F2022&v9=prospect&c14=D%3Dg&c18=First%20Visit&c19=1&c24=usb%3Aspt_mobile_web%3Asbb%3Alogon&c25=D%3Dc24&c29=https%3A%2F%2Fm.singlepoint.usbank.com%2Fspt_mobile_web%2Fsbb%2Flogon&v35=D%3DpageName&v37=D%3DUser-Agent&c40=single%20point&c50=SinglePoint%7CAM_2.5.0%7C10.09.2018%7CVid_2.5.0&v59=nh&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=675616D751E567410A490D4C%40AdobeOrg&AQE=1

Requested by

Host: m.singlepoint.usbank.com
URL: https://m.singlepoint.usbank.com/spt_mobile_web/js/adobeanalytics/appmeasurement.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

adc375a2cf5ba3dc8b2d25caea556f6443ef2992680535e60de98db9c5aad6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.singlepoint.usbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-aam-tid: gJKABYpBQ1M=
date: Mon, 23 May 2022 18:33:02 GMT
x-content-type-options: nosniff
x-c: main-1645.Id526ce.M0-571
p3p: CP="This is not a P3P policy"
vary: *
content-length: 3118
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v031-0973f7c85.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Tue, 24 May 2022 18:33:02 GMT
server: jag
xserver: anedge-df488f754-9v7v5
etag: 3550500820435042304-4619848990931619905
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 22 May 2022 18:33:02 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=c150b5ebf38271ea7a6e2745becb1f8d2f0a9ea7a3ee85c2dbc9ce40b730a60db0da87c991749652
dpm.demdex.net/ Frame 8ABF
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=06408372811282709753899351862016160930
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMDY0MDgzNzI4MTEyODI3MDk3NTM4OTkzNTE4NjIwMTYxNjA5MzAQABoNCN6mr5QGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=c150b5ebf38271ea7a6e2745becb1f8d2f0a9ea7a3ee85c2dbc9ce40b730a60db0da87c991749652

42 B
945 B

32ms
32ms

Image
image/gif

34.249.171.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=c150b5ebf38271ea7a6e2745becb1f8d2f0a9ea7a3ee85c2dbc9ce40b730a60db0da87c991749652

Protocol

HTTP/1.1

Server

34.249.171.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-171-10.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-097b4d90e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JSQCc1hqRJc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 23 May 2022 18:33:02 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=c150b5ebf38271ea7a6e2745becb1f8d2f0a9ea7a3ee85c2dbc9ce40b730a60db0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESELz385YFxxaO21mB8t6FnFA&google_cver=1
dpm.demdex.net/ Frame 8ABF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDY0MDgzNzI4MTEyODI3MDk3NTM4OTkzNTE4NjIwMTYxNjA5MzA=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELz385YFxxaO21mB8t6FnFA&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

32ms
32ms

Image
image/gif

34.249.171.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELz385YFxxaO21mB8t6FnFA&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.249.171.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-171-10.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-0e6e7a81c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9JcaYxxJQ3g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELz385YFxxaO21mB8t6FnFA&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 8ABF 43 B
355 B 171ms
127ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=06408372811282709753899351862016160930&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 23 May 2022 18:33:02 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5b589bc73c135ac74caf8223984a4e19604fa6d837da69697df58fa040f90e61
content-length: 43

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8ABF 70 B
265 B 141ms
52ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=3134E6BC33B0670A2503F71132DB66DB
dpm.demdex.net/ Frame 8ABF
Redirect Chain

https://c.bing.com/c.gif?uid=06408372811282709753899351862016160930&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3134E6BC33B0670A2503F71132DB66DB

42 B
945 B

33ms
33ms

Image
image/gif

34.249.171.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3134E6BC33B0670A2503F71132DB66DB

Protocol

HTTP/1.1

Server

34.249.171.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-171-10.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v031-06c0bc431.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Y251njjRTNs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3EFEA1C7580A4231B74EB76969DCA6F8 Ref B: FRAEDGE1412 Ref C: 2022-05-23T18:33:02Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3134E6BC33B0670A2503F71132DB66DB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8ABF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WW92VFhnQUFBSzlkX2dOeA==

170 B
188 B

54ms
38ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WW92VFhnQUFBSzlkX2dOeA==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1653330783.918760,VS0,VE0
x-served-by: cache-hhn4070-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WW92VFhnQUFBSzlkX2dOeA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8ABF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YovTXgAAAK9d_gNx&expires=90

0
239 B

75ms
23ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YovTXgAAAK9d_gNx&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1653330783.946812,VS0,VE0
x-served-by: cache-hhn4070-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YovTXgAAAK9d_gNx&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8ABF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YovTXgAAAK9d_gNx
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YovTXgAAAK9d_gNx&C=1

43 B
1003 B

46ms
40ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YovTXgAAAK9d_gNx&C=1
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:33:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 18:33:03 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:33:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YovTXgAAAK9d_gNx&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Mon, 23 May 2022 18:33:03 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8ABF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YovTXgAAAK9d_gNx
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYovTXgAAAK9d_gNx

43 B
1 KB

17ms
17ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYovTXgAAAK9d_gNx

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:33:03 GMT
X-Proxy-Origin: 45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 48b153b4-095c-4aac-b05f-9b60ac0e01bd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 18:33:03 GMT
X-Proxy-Origin: 45.141.152.68; 45.141.152.68; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6ec721cf-283d-472d-af0c-9d4d32f68223
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYovTXgAAAK9d_gNx
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8ABF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YovTXgAAAK9d_gNx

43 B
275 B

78ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YovTXgAAAK9d_gNx
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:03 GMT
via: 1.1 google
server: OXGW/1a2bd40
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1653330783.265456,VS0,VE0
x-served-by: cache-hhn4070-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YovTXgAAAK9d_gNx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8ABF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YovTXgAAAK9d_gNx

1 B
451 B

326ms
20ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YovTXgAAAK9d_gNx
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 18:33:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 18:33:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1653330783.372192,VS0,VE0
x-served-by: cache-hhn4070-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YovTXgAAAK9d_gNx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 8ABF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YovTXgAAAK9d_gNx&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YovTXgAAAK9d_gNx&img=1&__user_check__=1&sync_id=c8019658-dac6-11ec-91ae-1fe3cd8f0206

43 B
548 B

24ms
23ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YovTXgAAAK9d_gNx&img=1&__user_check__=1&sync_id=c8019658-dac6-11ec-91ae-1fe3cd8f0206
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 18:33:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 43
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 23 May 2022 18:33:03 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YovTXgAAAK9d_gNx&img=1&__user_check__=1&sync_id=c8019658-dac6-11ec-91ae-1fe3cd8f0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 23
Connection: keep-alive
Content-Length: 0

GET
H2

200

restricted
mid.rkdms.com/ Frame 8ABF
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=06408372811282709753899351862016160930&_ct=img
https://mid.rkdms.com/restricted

0
0

100ms
100ms

Image
text/html

34.204.120.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Protocol: H2
Server: 34.204.120.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-120-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

location: /restricted
date: Mon, 23 May 2022 18:33:03 GMT
server: nginx
content-length: 0

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.singlepoint.usbank.com/	1969-12-31 23:59:59	Name: LBACCESS Value: !KfWl/vapg9nIAepQpsjSa9ISJh9F44oqIWAaYpyE/zX7v6QbIgYH5stjon3NEMCOR24OdfInObbTU3M=
m.singlepoint.usbank.com/	1970-01-20 03:15:30	Name: SameSite Value: None
m.singlepoint.usbank.com/	1970-01-20 03:15:30	Name: ADRUM_BTa Value: R:33\|g:0905f5a6-44f2-40cc-994e-eaccea808b94\|n:USBANK_351d091f-c3a8-4779-a0da-4a53785ebec3
m.singlepoint.usbank.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000gZ0RQU2Lc3t-V12L8D-XpFu:-1
.demdex.net/	1970-01-20 07:34:42	Name: demdex Value: 06408372811282709753899351862016160930
m.singlepoint.usbank.com/	1970-01-20 12:01:06	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: aZ4KbMMfoYU/Djya7OU0L9aWMg3JxB3NONlVDZvwAhw=
.usbank.com/	1969-12-31 23:59:59	Name: AMCVS_675616D751E567410A490D4C%40AdobeOrg Value: 1
mpsnare.iesnare.com/	1970-01-20 12:01:06	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: zQ7w+VgQWLlZw2nZkTlDHKQk0gtsjhtWTUgdXU3/MeQ=
.everesttech.net/	1970-01-20 12:01:06	Name: everest_g_v2 Value: g_surferid~YovTXgAAAK9d_gNx
.dpm.demdex.net/	1970-01-20 07:34:42	Name: dpm Value: 06408372811282709753899351862016160930
.usbank.com/	1970-01-20 20:46:42	Name: s_ecid Value: MCMID%7C06150884386351704713922857833859510906
.usbank.com/	1970-01-20 20:48:09	Name: AMCV_675616D751E567410A490D4C%40AdobeOrg Value: 1406116232%7CMCIDTS%7C19136%7CMCMID%7C06150884386351704713922857833859510906%7CMCAAMLH-1653935581%7C6%7CMCAAMB-1653935581%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1653337981s%7CNONE%7CMCSYNCSOP%7C411-19143%7CMCAID%7CNONE%7CvVersion%7C2.5.0
.usbank.com/	1970-01-22 03:15:30	Name: s_pers Value: %20s_dfa%3Dusbankcom%7C1653332581823%3B%20s_lv%3D1653330782246%7C1747938782246%3B%20s_lv_s%3DFirst%2520Visit%7C1653332582246%3B%20s_nr%3D1653330782252-New%7C1826130782252%3B%20s_vnum%3D1826130782257%2526vn%253D1%7C1826130782257%3B%20s_invisit%3Dtrue%7C1653332582257%3B%20sc_visit_start%3D1%7C1653332582273%3B%20s_visitStart%3D1%7C1653332582274%3B%20s_prevPage%3Dusb%253Aspt_mobile_web%253Asbb%253Alogon%7C1653332582276%3B
.usbank.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_cc%3Dtrue%3B
.m.singlepoint.usbank.com/	1970-01-20 03:58:42	Name: aam_uuid Value: 06408372811282709753899351862016160930
.rlcdn.com/	1970-01-20 12:01:06	Name: rlas3 Value: 7zczjAtK/GsxAXERUGGeup5VNG8H01eMzjqm8vzXtTI=
.rlcdn.com/	1970-01-20 04:41:54	Name: pxrc Value: CN6mr5QGEgUI6AcQABIGCPHrARAA
.doubleclick.net/	1970-01-20 12:37:06	Name: IDE Value: AHWqTUkpWit1pGl37D8wo5a-L1tEPnBoqDqYYvC7gtfpTJ_-l1ZTgW4UnoXnq_Hzgzk
.twitter.com/	1970-01-20 20:46:42	Name: personalization_id Value: "v1_OeLAZ6nV6rhne+LcVSdVrg=="
.bing.com/	1970-01-20 12:37:06	Name: MUID Value: 3134E6BC33B0670A2503F71132DB66DB
.casalemedia.com/	1970-01-20 12:01:06	Name: CMID Value: YovTX0ZGYyFQVAugBQPDhgAA
.casalemedia.com/	1970-01-20 05:25:06	Name: CMPS Value: 3184
.casalemedia.com/	1970-01-20 05:25:06	Name: CMPRO Value: 1197
.casalemedia.com/	1970-01-20 03:16:57	Name: CMST Value: YovTX2KL018A
.casalemedia.com/	1970-01-20 12:01:06	Name: CMRUM3 Value: 58628bd35f2760YovTXgAAAK9d_gNx
.adnxs.com/	1970-01-20 05:25:06	Name: uuid2 Value: 4423968673644881859
.adnxs.com/	1970-01-20 05:25:06	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GVVrJ/w!]tbPl1MwL(!R7qUY$+4AawqYWJXsET1CbCaU?tEfC:z<QG=%9sk?bIRwi:w9Ld1t).d:17Mco/y@Yw#ts_=*mnxQ
.spotxchange.com/	1970-01-20 12:01:10	Name: audience Value: c80195f6-dac6-11ec-91ae-1fe3cd8f0206
.demdex.net/	1970-01-20 07:34:42	Name: dextp Value: 60-1-1653330782332\|771-1-1653330782433\|1123-1-1653330782534\|903-1-1653330782635\|1957-1-1653330782736\|144230-1-1653330782836\|144231-1-1653330782937\|144232-1-1653330783042\|144233-1-1653330783144\|144234-1-1653330783245\|144235-1-1653330783350\|144236-1-1653330783454\|129099-1-1653330783571
.pubmatic.com/	1970-01-20 05:25:06	Name: KRTBCOOKIE_218 Value: 4056-YovTXgAAAK9d_gNx&KRTB&22978-YovTXgAAAK9d_gNx&KRTB&23194-YovTXgAAAK9d_gNx&KRTB&23209-YovTXgAAAK9d_gNx
.pubmatic.com/	1970-01-20 03:58:42	Name: PugT Value: 1653330783

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
c.bing.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fls.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
m.singlepoint.usbank.com
match.adsrvr.org
mid.rkdms.com
mpsnare.iesnare.com
pixel.rubiconproject.com
smetrics.usbank.com
sync-tm.everesttech.net
sync.search.spotxchange.com
us-u.openx.net
usbank.demdex.net
104.244.42.67
104.90.151.119
13.36.218.177
142.250.185.162
142.250.185.230
151.101.66.49
185.33.221.90
185.64.190.80
185.94.180.125
23.35.228.247
2620:1ec:c11::200
3.33.220.150
34.204.120.207
34.246.128.161
34.249.171.10
35.244.159.8
35.244.174.68
52.17.114.133
54.228.71.178
69.173.144.165
0b5c0a5a250daf3ba9747608624395ac97b595e9148ee181ad24f6e7c48aa7ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633
2bbccdee5b547f79a2dde74ba4eb646cfbfe6228fc49340dd485069c3ff681d6
3892dd174c1e9551f111b43b55ce9e5a8af1f4e069e7289a5fec2039e42115b2
3e3db2d89f0b40b86f49403aae0b06e061a9f8ffaf9804f8dcaf0a72090d894d
422994071fe5da24dbd729a96b55a32c44a659704066b5a7e0b7c94098c7e8e4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5e0b26d8accd0d2a02d8f71862d2ef12254673a2ef260688134cc5897aa79291
665b1683a3658b17113047b828eb05efa12279d40a8d84b305154f58e7413c78
715ad0c7a175bd2d42439cf3dea8985cf0dafda7a74a3013d7b97e400cee3f9b
760d0de0f1bdaa91f91b55b8118e979b9a82e9b9c8458ea5d7916adbcf0e49ae
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a13bacc5c6a5cb44b31cb40861a15f73f5e7837ff8d950b18f1160d9b48a6bfd
a805ac046ccd50c8fc886fa94c53ba9a28ecfbc0766c5c12a42c075b751e643f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adc375a2cf5ba3dc8b2d25caea556f6443ef2992680535e60de98db9c5aad6a2
ade9550e2192553a327d227ebf0ad259d7e041184831e135711e82b43184317a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f42715d8eda2c8875cdb07d69f573dbbcdf4dab64263a5b92a9f8dca2342b5
b4879a8983f4fcbc9e1c2a5fca70eb33d703deac4fa408fbd606f13db7666b74
bd44042b9d1ebbc6e9828678d05a73f8b3510e81a572ef2f650ffbfaf75f8af0
cd170cc65c7e37dad47967035d4545055106f1b7491d3db33c87de8e283aa431
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

m.singlepoint.usbank.com Open in urlscan Pro 104.90.151.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

63 %HTTPS

5 %IPv6

16 Domains

20 Subdomains

16 IPs

6 Countries

521 kBTransfer

542 kBSize

31 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

m.singlepoint.usbank.com Open in urlscan Pro
104.90.151.119 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

63 %
HTTPS

5 %
IPv6

16
Domains

20
Subdomains

16
IPs

6
Countries

521 kB
Transfer

542 kB
Size

31
Cookies

35 HTTP transactions
0 data transactions