wherebank.com Open in urlscan Pro
45.35.108.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://wherebank.com/
Submission: On April 26 via api (April 26th 2023, 6:55:57 am UTC) from US — Scanned from DE

Summary HTTP 159 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 27 domains to perform 159 HTTP transactions. The main IP is 45.35.108.144, located in Los Angeles, United States and belongs to AS40676, US. The main domain is wherebank.com.

This is the only time wherebank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.35.108.144 45.35.108.144	40676 (AS40676) (AS40676)
1 7	2.19.224.115 2.19.224.115	16625 (AKAMAI-AS) (AKAMAI-AS)
13	13.32.99.37 13.32.99.37	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
7	13.32.99.15 13.32.99.15	16509 (AMAZON-02) (AMAZON-02)
2	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:d48d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
4	203.69.60.97 203.69.60.97	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	84.53.166.199 84.53.166.199	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.192.13.30 52.192.13.30	16509 (AMAZON-02) (AMAZON-02)
1	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	34.111.79.67 34.111.79.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2 5	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
2	203.69.60.95 203.69.60.95	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	35.78.33.195 35.78.33.195	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
9	2600:9000:223... 2600:9000:223c:ea00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:223... 2600:9000:223c:3600:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.197.12.20 52.197.12.20	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
3	35.186.230.197 35.186.230.197	15169 (GOOGLE) (GOOGLE)
6	54.92.30.56 54.92.30.56	16509 (AMAZON-02) (AMAZON-02)
9	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
3 8	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1288:110... 2a00:1288:110:c104::2000	34010 (YAHOO-IRD) (YAHOO-IRD)
4 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	203.69.60.96 203.69.60.96	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 2	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
159	42

2 45.35.108.144 (Los Angeles, United States)

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net

wherebank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.19.224.115 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.32.99.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-37.fra60.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

static.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.99.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-15.fra60.r.cloudfront.net

eland.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:d48d (United States)

ASN13335 (CLOUDFLARENET, US)

track.sitetag.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.69.60.97 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-97.hinet-ip.hinet.net

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.53.166.199 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a84-53-166-199.deploy.static.akamaitechnologies.com

static-tagr.gd1.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.192.13.30 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-13-30.ap-northeast-1.compute.amazonaws.com

ad.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

ssl.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com

tw-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.69.60.95 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-95.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.78.33.195 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-33-195.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:223c:ea00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223c:3600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.197.12.20 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partnerads-test.ysm.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.230.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.230.186.35.bc.googleusercontent.com

clg.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.92.30.56 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.201.76.93 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c104::2000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

search.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.69.60.96 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-96.hinet-ip.hinet.net

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.35.65 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.96.203.13 (Fort Scott, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	holmesmind.com 3 redirects ad.holmesmind.com — Cisco Umbrella Rank: 100868 cdn.holmesmind.com — Cisco Umbrella Rank: 135391 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 128432 fcm.holmesmind.com Failed c.holmesmind.com — Cisco Umbrella Rank: 113652	348 KB
21	scupio.com img.scupio.com — Cisco Umbrella Rank: 69557 bw.scupio.com — Cisco Umbrella Rank: 152871 prebid.scupio.com — Cisco Umbrella Rank: 78504 rec.scupio.com — Cisco Umbrella Rank: 110323	316 KB
14	doublemax.net static.doublemax.net eland.doublemax.net cdn.doublemax.net — Cisco Umbrella Rank: 697651 ad.doublemax.net clg.doublemax.net	18 KB
12	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 803 gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686	16 KB
9	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452 eus.rubiconproject.com — Cisco Umbrella Rank: 798 token.rubiconproject.com — Cisco Umbrella Rank: 795 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 39252	23 KB
9	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 73778	10 KB
8	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	8 KB
7	yimg.com s.yimg.com — Cisco Umbrella Rank: 631	12 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1159 syndication.twitter.com — Cisco Umbrella Rank: 1451	149 KB
6	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 2353 m.addthis.com — Cisco Umbrella Rank: 2342 api-public.addthis.com — Cisco Umbrella Rank: 5615	149 KB
5	mookie1.com static-tagr.gd1.mookie1.com — Cisco Umbrella Rank: 53196 tw-gmtdmp.mookie1.com — Cisco Umbrella Rank: 539119	3 KB
4	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 313	2 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	111 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	18 KB
3	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 109579 ssl.sitemaji.com — Cisco Umbrella Rank: 239696	8 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 680	134 KB
2	aralego.com sync.aralego.com — Cisco Umbrella Rank: 4618	826 B
2	yahoo.com search.yahoo.com — Cisco Umbrella Rank: 3076	609 B
2	yahoo.net partnerads-test.ysm.yahoo.net — Cisco Umbrella Rank: 286751	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	88 KB
2	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17264 pubs2-asia.creativecdn.com Failed	353 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	17 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607	67 KB
2	wherebank.com wherebank.com	23 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 2757	207 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 681	1 KB
1	sitetag.us track.sitetag.us — Cisco Umbrella Rank: 842188	2 KB
159	27

	Domain	Requested by
15	cdn.holmesmind.com	ad.doublemax.net wherebank.com cdn.holmesmind.com img.scupio.com
13	img.scupio.com	wherebank.com img.scupio.com
9	t.ssp.hinet.net	cdn.doublemax.net t.ssp.hinet.net
8	gum.criteo.com	2 redirects static.criteo.net img.scupio.com
8	c.holmesmind.com	3 redirects cdn.doublemax.net wherebank.com img.scupio.com
8	ib.adnxs.com	5 redirects wherebank.com
7	s.yimg.com	ad.sitemaji.com wherebank.com partnerads-test.ysm.yahoo.net
6	cm-dev-poc.holmesmind.com	cdn.doublemax.net
6	ad.holmesmind.com	img.scupio.com wherebank.com cdn.holmesmind.com
6	cdn.doublemax.net	static.doublemax.net
4	eus.rubiconproject.com	wherebank.com eus.rubiconproject.com
4	cm.g.doubleclick.net	4 redirects
4	static.criteo.net	img.scupio.com static.criteo.net
4	platform.twitter.com	s7.addthis.com platform.twitter.com
4	bw.scupio.com	img.scupio.com ajax.googleapis.com
4	s7.addthis.com	1 redirects wherebank.com s7.addthis.com
3	www.facebook.com	img.scupio.com connect.facebook.net
3	clg.doublemax.net	cdn.doublemax.net
3	tw-gmtdmp.mookie1.com	wherebank.com
3	ad.doublemax.net	static.doublemax.net
2	static.xx.fbcdn.net	www.facebook.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	sync.aralego.com	img.scupio.com
2	secure-assets.rubiconproject.com	2 redirects
2	rec.scupio.com	img.scupio.com
2	search.yahoo.com	wherebank.com
2	mug.criteo.com	wherebank.com
2	partnerads-test.ysm.yahoo.net	s.yimg.com
2	syndication.twitter.com	platform.twitter.com wherebank.com
2	connect.facebook.net	wherebank.com connect.facebook.net
2	prebid-asia.creativecdn.com	img.scupio.com
2	bidder.criteo.com	img.scupio.com
2	prebid.scupio.com	img.scupio.com
2	www.google-analytics.com	wherebank.com
2	static-tagr.gd1.mookie1.com	static.doublemax.net
2	ajax.googleapis.com	img.scupio.com
2	ad.sitemaji.com	wherebank.com
2	wherebank.com	wherebank.com
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	api-public.addthis.com	s7.addthis.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	ssl.sitemaji.com	ad.sitemaji.com
1	z.moatads.com	s7.addthis.com
1	track.sitetag.us	wherebank.com
1	eland.doublemax.net	wherebank.com
1	static.doublemax.net	wherebank.com
0	fcm.holmesmind.com Failed	cdn.doublemax.net
0	pubs2-asia.creativecdn.com Failed	cdn.doublemax.net
159	49

This site contains no links.

Subject Issuer	Validity	Valid
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
static-tagr.gd1.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-01` - `2023-12-01`	a year	crt.sh
*.doublemax.net Go Daddy Secure Certificate Authority - G2	`2022-04-24` - `2023-05-26`	a year	crt.sh
feebee.com.tw R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.answers.search.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-03-21` - `2023-09-13`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 35 frames:

Primary Page: http://wherebank.com/
Frame ID: 2E3473BDAFC85B608315154EEC44F86C
Requests: 43 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: 67F6C60DD983F638276078F309953F5C
Requests: 15 HTTP requests in this frame

Frame: https://cdn.doublemax.net/js/capmapping.htm
Frame ID: F0C59335DF59985E8EF161199101ADC9
Requests: 6 HTTP requests in this frame

Frame: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Frame ID: BE63603197B0BD1E5F132A61A360608F
Requests: 3 HTTP requests in this frame

Frame: http://ad.doublemax.net/adserver/ads.js?tid=100515496&rf=http%3A%2F%2Fwherebank.com%2F&n=157&o=1&d=1&b=2
Frame ID: D47C1BEBAB662C18E458AC97CBFF5960
Requests: 8 HTTP requests in this frame

Frame: https://cdn.doublemax.net/js/capmapping.htm
Frame ID: CF543473C7C841DE0E826D97D5ACB9C1
Requests: 6 HTTP requests in this frame

Frame: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Frame ID: 35376B7580C0FF065EF20A73918C8C72
Requests: 3 HTTP requests in this frame

Frame: http://ad.doublemax.net/adserver/ads.js?tid=100515150&rf=http%3A%2F%2Fwherebank.com%2F&n=164&o=1&d=1&b=2
Frame ID: E26CA5D6417E0DCDE6B6D8C42C504DA3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doublemax.net/js/capmapping.htm
Frame ID: 7E92DACCE2148B660EAC98E90B6B82FA
Requests: 6 HTTP requests in this frame

Frame: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Frame ID: 24B139A845DDFDBEDB4507BD98BDBCED
Requests: 3 HTTP requests in this frame

Frame: http://ad.doublemax.net/adserver/ads.js?tid=100515269&rf=http%3A%2F%2Fwherebank.com%2F&n=208&o=1&d=1&b=2
Frame ID: 182875E7CAD0283C385EA366FFA5B45F
Requests: 8 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F8B266519BA849561A126EC2F3853BB0
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 839CA353F92ACD14F0C35079EF3C85D2
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: D1BF1C5F969714EF39360F2AABCC8F48
Requests: 14 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwherebank.com
Frame ID: E27B35EE29091D84B489ED6A836E7FB9
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 425269DD482D88CB06AE3FD2C8828EE0
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 9304A64E5C57E02F7D1C3D211CE8605A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/tmp2/1.js
Frame ID: A0AB176F30C5A0E477D4441B0A67D7C1
Requests: 6 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: F65468CED888E0EEC19448C8F5E87E2A
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 1FBEEBA0C648BF746D0F7A4A4309AAEC
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: ABEA96417CB0BEAD39249A4AAB1EC7D7
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: EF3036356D9B40B7665FD66236E90365
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 89D891647A74237B19FB7F66B7DE4880
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 31A6B2B73ACCBE7B47B65C031706A6F3
Requests: 1 HTTP requests in this frame

Frame: https://partnerads-test.ysm.yahoo.net/ypa/?aws=rev&ct=2&c=000000654&u=http%3A%2F%2Fwherebank.com%2F&r=&w=1&tv=&tt=com&lo=&ty=&ts=1682492152506&ao=&h=1&CoNo=81529d79d1403a65&dT=1&er=0&si=p-digitalwall_2%3A100%25x232&psti=eyJkdCI6eyJhdSI6eyJjbCI6Ii8vYWQuc2l0ZW1hamkuY29tL3lwYS9kaWdpdGFsd2FsbC5jc3MifSwiaWlhIjp7ImFsaSI6ImxlZnQifX19
Frame ID: 9AC47B499671549A77104D68C1A10609
Requests: 2 HTTP requests in this frame

Frame: https://partnerads-test.ysm.yahoo.net/ypa/?aws=rev&ct=2&c=000000654&u=http%3A%2F%2Fwherebank.com%2F&r=&w=1&tv=&tt=%E5%A4%96%E5%8C%AF&lo=&ty=&ts=1682492152761&ao=&h=1&CoNo=4ae498963d5723a8&dT=1&er=0&si=p-digitalwall_2%3A100%25x232&psti=eyJkdCI6eyJhdSI6eyJjbCI6Ii8vYWQuc2l0ZW1hamkuY29tL3lwYS9kaWdpdGFsd2FsbC5jc3MifSwiaWlhIjp7ImFsaSI6ImxlZnQifX19
Frame ID: BED4FD6FADD9CF21948ED5D6E415D486
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wherebank.com
Frame ID: 71F5CA4CF92DF8A2F7C9080FEACA4499
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wherebank.com
Frame ID: 357550FF388C7C1BAC02F26DEFE7603B
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 1C6991315975D89B1858D4DE52A505D2
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBwn2822gDwy2XXaJ7hZ-0A&google_cver=1&google_ula=3918219,0
Frame ID: A0DA2F0ACD8C268E179C43D1C45C684C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: B9103A4F43F5D9AFD71190B684B98C80
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: A6F2D017FC72617F038F9FD921C08E94
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBxNTG7Y5lFNGgMEnKmp8cQ&google_cver=1&google_ula=3918219,0
Frame ID: E9D950705EF178B019BD3432D00CDCB6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 418DB7F9C13CA7B4F4ABD9659E5B4046
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36973b72aece5c%26domain%3Dwherebank.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwherebank.com%252Ff270d15fe4e358%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=http%3A%2F%2Fwherebank.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90
Frame ID: 14BD5A67AADA6B60C0AA980553414987
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WhereBank.com - 銀行匯款轉帳代碼查詢 | 銀行分行地址電話查詢

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

159
Requests

71 %
HTTPS

30 %
IPv6

27
Domains

49
Subdomains

42
IPs

8
Countries

1518 kB
Transfer

3730 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://s7.addthis.com/js/250/addthis_widget.js HTTP 308
https://s7.addthis.com/js/250/addthis_widget.js

Request Chain 26

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 27

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=275221710&utmhn=wherebank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WhereBank.com%20-%20%E9%8A%80%E8%A1%8C%E5%8C%AF%E6%AC%BE%E8%BD%89%E5%B8%B3%E4%BB%A3%E7%A2%BC%E6%9F%A5%E8%A9%A2%20%7C%20%E9%8A%80%E8%A1%8C%E5%88%86%E8%A1%8C%E5%9C%B0%E5%9D%80%E9%9B%BB%E8%A9%B1%E6%9F%A5%E8%A9%A2&utmhid=1070036319&utmr=-&utmp=%2F&utmht=1682492151048&utmac=UA-253807-13&utmcc=__utma%3D223702365.298535185.1682492151.1682492151.1682492151.1%3B%2B__utmz%3D223702365.1682492151.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1223440351&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=275221710&utmhn=wherebank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WhereBank.com%20-%20%E9%8A%80%E8%A1%8C%E5%8C%AF%E6%AC%BE%E8%BD%89%E5%B8%B3%E4%BB%A3%E7%A2%BC%E6%9F%A5%E8%A9%A2%20%7C%20%E9%8A%80%E8%A1%8C%E5%88%86%E8%A1%8C%E5%9C%B0%E5%9D%80%E9%9B%BB%E8%A9%B1%E6%9F%A5%E8%A9%A2&utmhid=1070036319&utmr=-&utmp=%2F&utmht=1682492151048&utmac=UA-253807-13&utmcc=__utma%3D223702365.298535185.1682492151.1682492151.1682492151.1%3B%2B__utmz%3D223702365.1682492151.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1223440351&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 35

http://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=7369574109 HTTP 307
https://ib.adnxs.com/sbounce?%2Fjpt%3Fid%3D10761225%26callback%3Dwindow.xaxS.auctionResult%26cb%3D7369574109

Request Chain 36

http://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=7230881603 HTTP 307
https://ib.adnxs.com/sbounce?%2Fjpt%3Fid%3D10761225%26callback%3Dwindow.xaxS.auctionResult%26cb%3D7230881603 HTTP 307
https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fjpt%253Fid%253D10761225%2526callback%253Dwindow.xaxS.auctionResult%2526cb%253D7230881603

Request Chain 37

http://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=5810589275 HTTP 307
https://ib.adnxs.com/sbounce?%2Fjpt%3Fid%3D10761225%26callback%3Dwindow.xaxS.auctionResult%26cb%3D5810589275 HTTP 307
https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fjpt%253Fid%253D10761225%2526callback%253Dwindow.xaxS.auctionResult%2526cb%253D5810589275

Request Chain 53

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 101

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 103

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 108

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 129

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=wherebank.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ix8IQnxmVXBVbkw3UXRzQmk5SEFreU5YSllZa2JRWWF6OHk2RDBJWVV5bkxiaEkxY2VwVGxvd053emlXb09IVksyL0czUkVSc01CdHdpQjJ4Mlh0UVhlMkRIVzhJMlNsUXlLQ0xhd0tLS2hpNWl2MHdHY2pTWmxXUEdCRzRRcGlJYkZzNS9kWGpmMWoxdjhGaXBSU0pmNmRkT2Z4Zk5lL1QxTzg4VHZuTlZuMkM2VVo5bEdVSkFNbm9HZ2xHaVpHbXBJOGdtU2phMEl6VFpGWjh4NlY5MS9ud0JkNERYRWYxUjZBbGJiU05OMUhhWkhEcnNVNlpOOHJ5MWN4ZFlYb0pYMnFvQjIvckdieEpkT0JJeHZuL0pXSHVYV2xGbHNsRXI2YXVObUhmNVY2SXg3cz18&cppv=2

Request Chain 130

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=wherebank.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8BAuWnxaUEVYK1NCVHdwRlJvaFFQdi9hR21pS09hamg5M0hEWHFscFY5R3RoVm9rSGtLNC82Z2NEaUpVVG0zRUZxc0lTNHBUOW5qMEtXczF0NWNFMnc2K1JxS3hjMzJ4YWcvekl3Z29VdndVS1dXcjVZcXZqbXdGRTkydDJMQlFkRkFaTDQxS2NnOURVdWY3d1lVNm9aNnN2RzQzR1BYMkEvdE1QNWVEaDNBOGJveXdFNW9OWk1BL1NOdFRteURyaVpmREhuTk1yMW9kZXBUWmN5YlJ1aW5zSWRpTUdFTmZMTTJ1SzVrenRneEE0RlZ5ME5zRk5NcG9kc21EMG1FbHRpc09uNWxmVWFqMFJSQ3orVXQyZWNUa09jMmFwa0ZseGNzdUI2YUNMU0owSTAxbz18&cppv=2

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hBMjAyMzA0MjYxNDU1NTI3MzU1ODU%3d&layout=js HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1hBMjAyMzA0MjYxNDU1NTI3MzU1ODU%3D&layout=js&google_tc= HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBwn2822gDwy2XXaJ7hZ-0A&google_cver=1&google_ula=3918219,0

Request Chain 134

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q01BMjAyMzA0MjYxNDU1NTM2NDcwNjY%3d&layout=js HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q01BMjAyMzA0MjYxNDU1NTM2NDcwNjY%3D&layout=js&google_tc= HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBxNTG7Y5lFNGgMEnKmp8cQ&google_cver=1&google_ula=3918219,0

Request Chain 139

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

159 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
wherebank.com/ 22 KB
23 KB 521ms
226ms Document
text/html 45.35.108.144
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 45.35.108.144 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 45eb288a7cf68b2426e52968dcf491295b7b95ec6382a753a2318bdb6f04436f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 22838
Content-Type: text/html
Date: Wed, 26 Apr 2023 06:55:59 GMT
Server: Microsoft-IIS/8.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin

GET
H/1.1 200
OK style.css
wherebank.com/ 363 B
708 B 151ms
150ms Stylesheet
text/css 45.35.108.144
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: http://wherebank.com/style.css
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 45.35.108.144 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 2b9253ff3ec1f7db94e43237fdf11a17e0b16783b531beec4bf88e9d42e38e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Wed, 26 Apr 2023 06:55:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 22 Apr 2018 09:45:22 GMT
Server: Microsoft-IIS/8.0
ETag: "4c7daa11edad31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 386

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/250/
Redirect Chain

http://s7.addthis.com/js/250/addthis_widget.js
https://s7.addthis.com/js/250/addthis_widget.js

353 KB
114 KB

50ms
20ms

Script
application/javascript

2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Server

2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-115.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 26 Apr 2023 06:55:50 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Wed, 26 Apr 2023 06:55:50 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/250/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK ad.js Show response
img.scupio.com/js/ 76 KB
24 KB 49ms
7ms Script
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://img.scupio.com/js/ad.js
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:54:20 GMT
Content-Encoding: gzip
Via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 90
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2023 01:19:47 GMT
Server: nginx/1.12.1
ETag: W/"641a57b3-12f95"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=900
X-Amz-Cf-Id: EZ8alMKGR1c5NAuEh8L__5Ywn5TxFwBq7CYEJSfUdAcb6uH0ictDNA==
Expires: Wed, 26 Apr 2023 07:09:20 GMT

GET
H/1.1 200
OK tr.js Show response
static.doublemax.net/js/ 11 KB
3 KB 694ms
481ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://static.doublemax.net/js/tr.js
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d2f4f7fde4130135ad9f41d975c1a3d0c7171267b2ae7b5d6fe68af48a9fec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: UNtnmUyBYsrLYZ1LpOAP.t_MfQuuGHUf
Content-Encoding: gzip
Via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
Date: Wed, 26 Apr 2023 06:55:51 GMT
Last-Modified: Thu, 20 Apr 2023 14:58:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
x-amz-server-side-encryption: AES256
ETag: W/"6e42236b3b277bfe8cf963dde55e2003"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: ysJtuEokFs2ZcIbf_YwULW91DtCN_Ykin6UBnNe2kXFM8YiY9PDnHw==

GET
H/1.1 200
OK edmp_ads.js Show response
eland.doublemax.net/cfdmp/ 0
494 B 688ms
486ms Script
application/x-javascript 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://eland.doublemax.net/cfdmp/edmp_ads.js
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
Date: Wed, 26 Apr 2023 06:55:51 GMT
Via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
Last-Modified: Fri, 16 Dec 2016 08:48:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
ETag: "d41d8cd98f00b204e9800998ecf8427e"
X-Cache: RefreshHit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-Amz-Cf-Id: gEy709RVsMSD-yxHRsxbzID9pxVp8xx8MPK2WQXp5-2Rk001H7F6vg==

GET
H/1.1 200
OK digitalwall.js Show response
ad.sitemaji.com/ypa/ 9 KB
3 KB 22ms
7ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.sitemaji.com/ypa/digitalwall.js
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 4f95d65331e152c29a373be4989cd457849189b06ad0ce922f07738af5755cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 12:03:19 GMT
Content-Encoding: gzip
Via: 1.1 google
Last-Modified: Thu, 20 Jun 2019 08:55:05 GMT
Server: nginx/1.12.1 (Ubuntu)
Age: 67951
ETag: W/"5d0b49e9-2471"
Vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400,public
Content-Length: 3062
Expires: Wed, 26 Apr 2023 12:03:19 GMT

GET
H/1.1 200
OK ysm_wherebank.js Show response
ad.sitemaji.com/ 13 KB
5 KB 296ms
282ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.sitemaji.com/ysm_wherebank.js
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: a4b64bcdeb8d12d915118f328edd41e28c00892e6c8521081ea028a33e9a4e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:50 GMT
Content-Encoding: gzip
Via: 1.1 google
Last-Modified: Thu, 20 Jun 2019 08:55:05 GMT
Server: nginx/1.12.1 (Ubuntu)
ETag: W/"5d0b49e9-32a9"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Expires: Thu, 27 Apr 2023 06:55:50 GMT

GET
H/1.1 200
OK tracking.js Show response
track.sitetag.us/ 2 KB
2 KB 322ms
302ms Script
application/javascript 2606:4700:3034::ac43:d48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://track.sitetag.us/tracking.js?hash=fa57bd6fe49b3baa158fd89e1288fece
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 2606:4700:3034::ac43:d48d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165f39efd2f991bca6d093bc6a3b0d2e2b962d03a7988d20c2ec2f7bcb005dac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:50 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 01 Sep 2016 16:04:17 GMT
Server: cloudflare
ETag: W/"57c85181-831"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jn55Ax4GDstHVWC2IzVeKgAEB9h5I3fbIVJLuzki3gD%2BzmRKD3pAK1U7EtV%2F%2FcpvWP27lSwRlgeKDOt7Uf%2FRea%2BY3J7LEZJJH4W5dO9rXSNEpuQLdMiCTHONzTED7C%2B2%2B2%2BzA3NTbgrgFSNB6z1H"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=604800
CF-RAY: 7bdcec244c3c9104-FRA
Expires: Wed, 03 May 2023 06:55:50 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 49ms
13ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:50 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31668
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 13182.json Show response
img.scupio.com/js/config/ 374 B
784 B 308ms
292ms XHR
application/json 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13182.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 2f7f1454abf044c5e851df0c6c8a88df73d655ee617261852ad258eb5ae84d9e

Request headers

Accept: application/json, text/javascript, */*
Referer: http://wherebank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 26 Apr 2023 06:55:50 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 02:20:16 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
etag: "64488a60-176"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 374
x-amz-cf-id: XZPcDwYkVPcE_KYrGJ6Sf--vw6GkGDFUzVu_nep3ErZHB4_HTxJCYQ==
expires: Wed, 26 Apr 2023 09:55:50 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
715 B 1135ms
280ms XHR
application/json 203.69.60.97
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=13182&cb=0.3996095850107313
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-97.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: http://wherebank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: http://wherebank.com
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 67F6 83 KB
22 KB 22ms
8ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.67
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 892
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 06:40:57 GMT
etag: W/"641a5637-14dfe"
expires: Fri, 26 May 2023 06:40:57 GMT
last-modified: Wed, 22 Mar 2023 01:13:27 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-id: ns68Gf9EFfQmL2tPNLoWykYGpGxDKgm1Hg0Apr4rDQYzTlavrBRAPQ==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 67F6 95 KB
34 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 18:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Apr 2024 18:04:51 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 67F6 236 KB
83 KB 7ms
7ms Script
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:02 GMT
content-encoding: gzip
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
age: 48
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: AxfbL5ux68OLVJ9VmakqRfBqfuawFY_IZfgSoKoBD1_Mw02PjLY2vg==
expires: Fri, 26 May 2023 06:55:02 GMT

GET
H/1.1 200
OK tagr_lib_learn_tw_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 75ms
14ms Script
application/javascript 84.53.166.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_tw_v3.js?tagid=V2_98222&id=ClickForce_Learn
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.166.199 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-166-199.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:38:37 GMT
Server: nginx
ETag: "57999a5d-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H/1.1 200
OK checkSegmentsNFI.min.js Show response
static-tagr.gd1.mookie1.com/s1/sas/lh1/ 1 KB
843 B 79ms
18ms Script
application/javascript 84.53.166.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.166.199 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-166-199.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2016 14:26:27 GMT
Server: nginx
ETag: "581b4913-428"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 552

GET
H2 200 capmapping.htm Show response
cdn.doublemax.net/js/ Frame F0C5 7 KB
3 KB 1188ms
933ms Document
text/html 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doublemax.net/js/capmapping.htm
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 26 Apr 2023 06:55:53 GMT
etag: W/"7043648f76be8783efb738bc06c56fa0"
last-modified: Mon, 24 Apr 2023 07:14:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: _37V_xZBRIDLIfDhvvrCs0qvFdZUkXrrljH_CM_9eVqdsmFlrfY-6g==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: V6NsP3de_zofI4ntPgDkYuPBJHKqbsyX
x-cache: RefreshHit from cloudfront

GET
H2 200 rtbhousemapping.html Show response
cdn.doublemax.net/js/rtbhouse/ Frame BE63 1 KB
1 KB 1172ms
917ms Document
text/html 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9092abebe27a40178652ecf3ceb9b1c1e25c9d3588d9584d6aa37419c022469f

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 26 Apr 2023 06:55:53 GMT
etag: W/"50a5972dd7adff989b48bd649e8db2f1"
last-modified: Thu, 20 Apr 2023 14:59:09 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: idGfMMxr48pfIq151Rn8ORQ_LA9iONbr2lbjMkSfELmRKbHcEZNPcQ==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: 2.HfSIVPCaDIhgs5sj.8YA5L3WzMUJ4p
x-cache: RefreshHit from cloudfront

GET
H/1.1 200
OK ads.js Show response
ad.doublemax.net/adserver/ Frame D47C 3 KB
1 KB 524ms
242ms Script
text/html 52.192.13.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.doublemax.net/adserver/ads.js?tid=100515496&rf=http%3A%2F%2Fwherebank.com%2F&n=157&o=1&d=1&b=2
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: HTTP/1.1
Server: 52.192.13.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-13-30.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 26f64fe139bb8840219e301123f3b28515b4379a3b254dbcf8aeb467fe788da9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://wherebank.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 capmapping.htm Show response
cdn.doublemax.net/js/ Frame CF54 7 KB
3 KB 1180ms
933ms Document
text/html 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doublemax.net/js/capmapping.htm
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 26 Apr 2023 06:55:53 GMT
etag: W/"7043648f76be8783efb738bc06c56fa0"
last-modified: Mon, 24 Apr 2023 07:14:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: UdAog2TOa5UT34TMzLNt4Ng7ZPl4SxbV6KLOCLGm-y8XdzH4A5OjOw==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: V6NsP3de_zofI4ntPgDkYuPBJHKqbsyX
x-cache: Hit from cloudfront

GET
H2 200 rtbhousemapping.html Show response
cdn.doublemax.net/js/rtbhouse/ Frame 3537 1 KB
1 KB 1163ms
917ms Document
text/html 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9092abebe27a40178652ecf3ceb9b1c1e25c9d3588d9584d6aa37419c022469f

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 26 Apr 2023 06:55:53 GMT
etag: W/"50a5972dd7adff989b48bd649e8db2f1"
last-modified: Thu, 20 Apr 2023 14:59:09 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: df8nmSYc_9HM9luTlTxLWCSBEQ4guygKh8kk2GOCoidYtF8wyffUtA==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: 2.HfSIVPCaDIhgs5sj.8YA5L3WzMUJ4p
x-cache: Hit from cloudfront

GET
H/1.1 200
OK ads.js Show response
ad.doublemax.net/adserver/ Frame E26C 0
348 B 542ms
253ms Script
text/html 52.192.13.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.doublemax.net/adserver/ads.js?tid=100515150&rf=http%3A%2F%2Fwherebank.com%2F&n=164&o=1&d=1&b=2
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: HTTP/1.1
Server: 52.192.13.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-13-30.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://wherebank.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 capmapping.htm Show response
cdn.doublemax.net/js/ Frame 7E92 7 KB
3 KB 1165ms
934ms Document
text/html 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doublemax.net/js/capmapping.htm
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 26 Apr 2023 06:55:52 GMT
etag: W/"7043648f76be8783efb738bc06c56fa0"
last-modified: Mon, 24 Apr 2023 07:14:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: j1Rxuu59R8nijUJsiKTST0bXzjGyMoA8QvIc1dbV38fLTe596IKO4A==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: V6NsP3de_zofI4ntPgDkYuPBJHKqbsyX
x-cache: Hit from cloudfront

GET
H2 200 rtbhousemapping.html Show response
cdn.doublemax.net/js/rtbhouse/ Frame 24B1 1 KB
1 KB 1148ms
918ms Document
text/html 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9092abebe27a40178652ecf3ceb9b1c1e25c9d3588d9584d6aa37419c022469f

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 26 Apr 2023 06:55:52 GMT
etag: W/"50a5972dd7adff989b48bd649e8db2f1"
last-modified: Thu, 20 Apr 2023 14:59:09 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: TaacebiX8GxjGI-cRoDsm4CFFVsWl9exBKWvSlrnI6zhgXlKylxqEw==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: 2.HfSIVPCaDIhgs5sj.8YA5L3WzMUJ4p
x-cache: Hit from cloudfront

GET
H/1.1 200
OK ads.js Show response
ad.doublemax.net/adserver/ Frame 1828 3 KB
1 KB 535ms
258ms Script
text/html 52.192.13.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.doublemax.net/adserver/ads.js?tid=100515269&rf=http%3A%2F%2Fwherebank.com%2F&n=208&o=1&d=1&b=2
Requested by: Host: static.doublemax.net
URL: http://static.doublemax.net/js/tr.js
Protocol: HTTP/1.1
Server: 52.192.13.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-13-30.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: df7817118aa3711c4b19c7973938945e970bc5746406270a7a7f4d7b2a5d4793

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://wherebank.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK ckip.php Show response
ssl.sitemaji.com/ckip/ 48 B
292 B 1108ms
365ms Script
text/html 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/ckip/ckip.php?c=WhereBank.com&callback=SD.adModYpa.kwHandle.ckipCache.callback
Requested by: Host: ad.sitemaji.com
URL: http://ad.sitemaji.com/ypa/digitalwall.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 335ca9570defa53037c3f6ab4e5681999edaf666d22a93e4125ad54e48beb7f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Content-Encoding: br
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

28ms
7ms

Script
text/javascript

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 06:07:30 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2901
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 26 Apr 2023 08:07:30 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=275221710&utmhn=wherebank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WhereBan...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=275221710&utmhn=wherebank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WhereBa...

35 B
197 B

16ms
16ms

Image
image/gif

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=275221710&utmhn=wherebank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WhereBank.com%20-%20%E9%8A%80%E8%A1%8C%E5%8C%AF%E6%AC%BE%E8%BD%89%E5%B8%B3%E4%BB%A3%E7%A2%BC%E6%9F%A5%E8%A9%A2%20%7C%20%E9%8A%80%E8%A1%8C%E5%88%86%E8%A1%8C%E5%9C%B0%E5%9D%80%E9%9B%BB%E8%A9%B1%E6%9F%A5%E8%A9%A2&utmhid=1070036319&utmr=-&utmp=%2F&utmht=1682492151048&utmac=UA-253807-13&utmcc=__utma%3D223702365.298535185.1682492151.1682492151.1682492151.1%3B%2B__utmz%3D223702365.1682492151.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1223440351&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=275221710&utmhn=wherebank.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WhereBank.com%20-%20%E9%8A%80%E8%A1%8C%E5%8C%AF%E6%AC%BE%E8%BD%89%E5%B8%B3%E4%BB%A3%E7%A2%BC%E6%9F%A5%E8%A9%A2%20%7C%20%E9%8A%80%E8%A1%8C%E5%88%86%E8%A1%8C%E5%9C%B0%E5%9D%80%E9%9B%BB%E8%A9%B1%E6%9F%A5%E8%A9%A2&utmhid=1070036319&utmr=-&utmp=%2F&utmht=1682492151048&utmac=UA-253807-13&utmcc=__utma%3D223702365.298535185.1682492151.1682492151.1682492151.1%3B%2B__utmz%3D223702365.1682492151.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1223440351&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4f7af284027a3afe/ 27 B
207 B 185ms
185ms Script
application/javascript 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4f7af284027a3afe/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-224-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:51 GMT
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 160ms
151ms Script
application/javascript 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6448caf64262c3ef&bkl=0&bl=1&pdt=531&sid=6448caf64262c3ef&pub=ra-4f7af284027a3afe&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=wherebank.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1682492151057&jsl=32&uvs=6448caf68f4f8a7c000&skipb=1&callback=addthis.cbs.jsonp__90307541131260380
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-224-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e2e0be99ae3cf2ab70482fafc85c04544783b0bbd82a797160bb7223f21825b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:51 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F8B2 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 839C 71 KB
26 KB 31ms
30ms Document
text/html 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-115.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 26 Apr 2023 06:55:51 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK learn
tw-gmtdmp.mookie1.com/t/v2/ 42 B
264 B 305ms
268ms Image
image/gif 34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tw-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_98222&src.domain=wherebank.com&src.url=%252F&src.id=ClickForce_Learn&src.rand=6243708098
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Via: 1.1 google
Last-Modified: Tue, 28 Jun 2022 14:08:50 GMT
Server: nginx
ETag: "62bb0b72-2a"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK learn
tw-gmtdmp.mookie1.com/t/v2/ 42 B
264 B 305ms
268ms Image
image/gif 34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tw-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_98222&src.domain=wherebank.com&src.url=%252F&src.id=ClickForce_Learn&src.rand=2983025590
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Via: 1.1 google
Last-Modified: Tue, 28 Jun 2022 14:08:50 GMT
Server: nginx
ETag: "62bb0b72-2a"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK learn
tw-gmtdmp.mookie1.com/t/v2/ 42 B
264 B 306ms
269ms Image
image/gif 34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tw-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_98222&src.domain=wherebank.com&src.url=%252F&src.id=ClickForce_Learn&src.rand=1476105406
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Via: 1.1 google
Last-Modified: Tue, 28 Jun 2022 14:08:50 GMT
Server: nginx
ETag: "62bb0b72-2a"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1

200
OK

sbounce Show response
ib.adnxs.com/
Redirect Chain

http://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=7369574109
https://ib.adnxs.com/sbounce?%2Fjpt%3Fid%3D10761225%26callback%3Dwindow.xaxS.auctionResult%26cb%3D7369574109

0
933 B

13ms
13ms

Script
text/html

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/sbounce?%2Fjpt%3Fid%3D10761225%26callback%3Dwindow.xaxS.auctionResult%26cb%3D7369574109

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 06:55:51 GMT
AN-X-Request-Uuid: 155d9be1-a2db-4391-9a6a-d27ad7991f36
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.118; 146.70.117.118; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.118; 146.70.117.118; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fa9d4125-0103-4f1f-868f-9469f5573b9d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/sbounce?%2Fjpt%3Fid%3D10761225%26callback%3Dwindow.xaxS.auctionResult%26cb%3D7369574109
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/
Redirect Chain

http://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=7230881603
https://ib.adnxs.com/sbounce?%2Fjpt%3Fid%3D10761225%26callback%3Dwindow.xaxS.auctionResult%26cb%3D7230881603
https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fjpt%253Fid%253D10761225%2526callback%253Dwindow.xaxS.auctionResult%2526cb%253D7230881603

0
933 B

13ms
13ms

Script
text/html

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fjpt%253Fid%253D10761225%2526callback%253Dwindow.xaxS.auctionResult%2526cb%253D7230881603

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 06:55:51 GMT
AN-X-Request-Uuid: dc7f3868-e838-43f5-91b9-09e006e5fb95
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.118; 146.70.117.118; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.118; 146.70.117.118; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ce21809e-32c7-4ab7-9efc-dfaf9e1a7c55
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fjpt%253Fid%253D10761225%2526callback%253Dwindow.xaxS.auctionResult%2526cb%253D7230881603
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/
Redirect Chain

http://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=5810589275
https://ib.adnxs.com/sbounce?%2Fjpt%3Fid%3D10761225%26callback%3Dwindow.xaxS.auctionResult%26cb%3D5810589275
https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fjpt%253Fid%253D10761225%2526callback%253Dwindow.xaxS.auctionResult%2526cb%253D5810589275

0
933 B

13ms
13ms

Script
text/html

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fjpt%253Fid%253D10761225%2526callback%253Dwindow.xaxS.auctionResult%2526cb%253D5810589275

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 06:55:51 GMT
AN-X-Request-Uuid: 3b72c6cf-971f-484e-9edd-fce68176cbe0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.118; 146.70.117.118; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.118; 146.70.117.118; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 55ced5d3-ea88-4eca-b2bf-bf8e41a599e6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fjpt%253Fid%253D10761225%2526callback%253Dwindow.xaxS.auctionResult%2526cb%253D5810589275
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 13183.json Show response
img.scupio.com/js/config/ 375 B
783 B 7ms
7ms XHR
application/json 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13183.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9f71211d3378294d1c4bc41a1c1ecd741df5722acb685b74a01a9e3fd65a3845

Request headers

Accept: application/json, text/javascript, */*
Referer: http://wherebank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 26 Apr 2023 06:54:55 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 56
x-cache: Hit from cloudfront
content-length: 375
last-modified: Wed, 26 Apr 2023 02:20:16 GMT
server: nginx/1.12.1
etag: "64488a60-177"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: uzrFqSLujuL7JnXGbw2FrimKgoOS7nf0lju7oBG7m1gX0iDi2MKcIw==
expires: Wed, 26 Apr 2023 09:54:55 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
715 B 1048ms
284ms XHR
application/json 203.69.60.97
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=13183&cb=0.591417867650111
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-97.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: http://wherebank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: http://wherebank.com
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame D1BF 83 KB
22 KB 7ms
7ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.67
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 893
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 06:40:57 GMT
etag: W/"641a5637-14dfe"
expires: Fri, 26 May 2023 06:40:57 GMT
last-modified: Wed, 22 Mar 2023 01:13:27 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-id: Dz49YPqyEqcs0lxetkC7u3nJWWI9zmv9TFGKHlNcalXFb2bVixGoFg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 67F6 108 B
496 B 7ms
6ms XHR
application/json 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: dc5b9360d4a70de29836b2d9edc30962ece8ef5d8ab9c8ea0e94f60a455ac141

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Apr 2023 06:51:15 GMT
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 19:15:03 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
age: 276
etag: "644826b7-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: Dmg9ndeKIa1h5F1uLR1q2hR7bwpxN4D7dMw1PoehP5KmajQqEDqlZw==
expires: Wed, 26 Apr 2023 09:51:15 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame D1BF 95 KB
33 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 18:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Apr 2024 18:04:51 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame D1BF 236 KB
83 KB 8ms
7ms Script
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:02 GMT
content-encoding: gzip
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
age: 49
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: 1pFF6d2bocrDvNQM3iMhZcE_NT4E3t7osNHAvbUHdgMSIoAam7bg1w==
expires: Fri, 26 May 2023 06:55:02 GMT

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 67F6 0
14 B 856ms
282ms XHR
text/plain 203.69.60.95
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6870927369308348
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.69.60.95 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-95.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Wed, 26 Apr 2023 06:55:50 GMT
access-control-allow-credentials: true
server: Kestrel

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 67F6 4 KB
1 KB 765ms
258ms XHR
text/html 35.78.33.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1682492150887&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.33.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-33-195.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4623988312e5865044b537ccb1b3bdf21a5b48e44f255a97fccc405da4adc391

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Wed, 26 Apr 2023 06:55:51 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 67F6 0
216 B 107ms
68ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=58717548898

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Apr 2023 06:55:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 67F6 0
177 B 514ms
165ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Wed, 26 Apr 2023 06:55:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame D1BF 108 B
496 B 7ms
6ms XHR
application/json 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: dc5b9360d4a70de29836b2d9edc30962ece8ef5d8ab9c8ea0e94f60a455ac141

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Apr 2023 06:51:15 GMT
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 19:15:03 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
age: 276
etag: "644826b7-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: mtq3Sg0ZPDqgPD1nFAenhcvj0flaYRj5mbotrvS0L3vOYvlDFj0I_A==
expires: Wed, 26 Apr 2023 09:51:15 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame D1BF 0
176 B 483ms
166ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Wed, 26 Apr 2023 06:55:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame D1BF 0
113 B 820ms
280ms XHR
text/plain 203.69.60.95
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9593992103995255
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.69.60.95 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-95.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Wed, 26 Apr 2023 06:55:50 GMT
access-control-allow-credentials: true
server: Kestrel

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D1BF 0
215 B 74ms
68ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=84526497761

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Apr 2023 06:55:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame D1BF 0
219 B 722ms
249ms XHR
text/html 35.78.33.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1682492151185&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.33.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-33-195.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Wed, 26 Apr 2023 06:55:51 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

23ms
7ms

Script
application/x-javascript

2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

10ddaa851ef0918fafea76edf07214df29e8842fbf9b24c82404f5500fdb797c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 06:55:51 GMT
content-md5: PZuALO5rlWDUgdR+4M8xqw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: YsH0D0dVUQUrJsNP/fSnnvhPjwxSg3pB7Ei9TT4y76YoXxopL2T0CoNHc57YRMa6P6nUkYRuNCa42KalDSfOjw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 113cc0daab2581f8ed33971a3b7a13f2
cross-origin-opener-policy: same-origin-allow-popups
etag: "6231a890bf772ffa3e2b2d4ca3b35c60"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 26 Apr 2023 07:04:58 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#version=v2.6
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 63ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B93) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Content-Encoding: gzip
Age: 219
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (amb/6B93)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 counter.d27508c102582d608697.js Show response
s7.addthis.com/static/ 24 KB
8 KB 14ms
13ms Script
application/javascript 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/counter.d27508c102582d608697.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-115.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 26 Apr 2023 06:55:51 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5fd2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 8265

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 45 B
293 B 183ms
182ms Script
application/json 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwherebank.com%2F&callback=_ate.cbs.sc_httpwherebankcom0

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-115.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

b96bf3ab049efe889b4e82452bac636869ac65647beaff1e988c0d5e3acaad97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: wherebank.com/
last-modified: Wed, 26 Apr 2023 06:55:51 GMT
server: nginx/1.15.8
date: Wed, 26 Apr 2023 06:55:51 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 65

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0d745a7459f1cfbf23d001e5a9c961cf

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c452316107897cff05ea3b19caf888d804b1a0206a7d6872500c23708ad828c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://wherebank.com/
Origin: http://wherebank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 06:55:51 GMT
content-md5: /TMQKhyG7XrMS+tUJzSJkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87152
x-fb-rlafr: 0
x-fb-debug: YbQXAWHA+twUgqK/qz61xF2FNKjE+DyIZiYkvYBIATYtow8Hv54pXL1S5nnSehluBgbfSjB/T6iSI0SMFwDlDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1623b62bb311c36367a512696924af83
cross-origin-opener-policy: same-origin-allow-popups
etag: "0da2ddb859aa28bfcb2abad2762b293f"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 25 Apr 2024 05:27:24 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame E27B 320 KB
104 KB 51ms
12ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwherebank.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC0) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3578585
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Apr 2023 06:55:51 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E27B 663 B
605 B 149ms
116ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2a92bfc59ea9ac0fdd5a431f8e46059928e74aeb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwherebank.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 26 Apr 2023 06:55:50 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 26 Apr 2023 06:55:51 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 6d6894d22b68182a
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 6bedbe072de3852907ff6445f49ea1ed2d390cb7962c6ca60f0f9bda62c2510f
content-length: 284

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 937 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c69e528427c8218cb4bc5fe647db3366146403d53593a3f96482479a14eca234

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame D47C 17 KB
18 KB 43ms
8ms Script
application/javascript 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: ad.doublemax.net
URL: http://ad.doublemax.net/adserver/ads.js?tid=100515496&rf=http%3A%2F%2Fwherebank.com%2F&n=157&o=1&d=1&b=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16be4732369bed69d2ddb41d61adf1936cf47cd5f24b986b9769af99ad5bbe83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: U4DEmX2POsqEmBxZaI0PIJ1pbDUUpQlc
date: Wed, 26 Apr 2023 06:55:18 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 08:18:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 34
x-amz-server-side-encryption: AES256
etag: "6a678a06d6d5e5cce801fa3da3d54280"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17516
x-amz-cf-id: OZcL7nYMIiz5hHJWLjTc_62al7_--yUKQjEgfypZ7k5ahwoDNYtX0w==

GET
H/1.1 200
OK av_old.js Show response
cdn.holmesmind.com/js/ Frame D47C 4 KB
4 KB 44ms
7ms Script
application/javascript 2600:9000:223c:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.holmesmind.com/js/av_old.js
Requested by: Host: ad.doublemax.net
URL: http://ad.doublemax.net/adserver/ads.js?tid=100515496&rf=http%3A%2F%2Fwherebank.com%2F&n=157&o=1&d=1&b=2
Protocol: HTTP/1.1
Server: 2600:9000:223c:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04431a827a36b70d9174180e526ed0000fee866c9688c4009da71d863d5bb73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: yN5QEOVRFdZvtoDLKUg0iTTHj.NO8.Qr
Date: Wed, 26 Apr 2023 06:55:18 GMT
Via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
Last-Modified: Tue, 25 Apr 2023 08:17:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 34
x-amz-server-side-encryption: AES256
ETag: "77d512f8676b6b3f12cadd9df9d1a1e0"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3990
X-Amz-Cf-Id: tbIY8d9ZqB1angRFqCTRgo_BcIWCeVi_C6l1EuCAWyngiVM2rHDTIg==

GET
H/1.1 200
OK cf.png
cdn.holmesmind.com/ Frame D47C 1 KB
2 KB 44ms
7ms Image
image/png 2600:9000:223c:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.holmesmind.com/cf.png
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 2600:9000:223c:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 08:29:49 GMT
x-amz-version-id: null
Via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
Last-Modified: Mon, 11 Jul 2016 08:32:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 80762
ETag: "a77740eea95ba2ef6436403310c6f59a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1512
X-Amz-Cf-Id: UunBNXytLzjKqFyCaabIHkqNxaKPi06pdqm9CtfOvk_xZuRjniWR2Q==

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame 1828 17 KB
18 KB 14ms
13ms Script
application/javascript 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: ad.doublemax.net
URL: http://ad.doublemax.net/adserver/ads.js?tid=100515269&rf=http%3A%2F%2Fwherebank.com%2F&n=208&o=1&d=1&b=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16be4732369bed69d2ddb41d61adf1936cf47cd5f24b986b9769af99ad5bbe83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: U4DEmX2POsqEmBxZaI0PIJ1pbDUUpQlc
date: Wed, 26 Apr 2023 06:55:18 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 08:18:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 34
x-amz-server-side-encryption: AES256
etag: "6a678a06d6d5e5cce801fa3da3d54280"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17516
x-amz-cf-id: cmtqjZJvlrAdtLVna4oiK_cZSLNENkgzzwqqIdbGVTolXkxUor2Baw==

GET
H/1.1 200
OK cf.png
cdn.holmesmind.com/ Frame 1828 1 KB
2 KB 12ms
6ms Image
image/png 2600:9000:223c:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.holmesmind.com/cf.png
Requested by: Host: ad.doublemax.net
URL: http://ad.doublemax.net/adserver/ads.js?tid=100515269&rf=http%3A%2F%2Fwherebank.com%2F&n=208&o=1&d=1&b=2
Protocol: HTTP/1.1
Server: 2600:9000:223c:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 08:29:49 GMT
x-amz-version-id: null
Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
Last-Modified: Mon, 11 Jul 2016 08:32:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 80762
ETag: "a77740eea95ba2ef6436403310c6f59a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1512
X-Amz-Cf-Id: EDzhkldMh7bbF5Vi5E2xpgl3pTpZljeVC09ErRXggN3F5JxInjOhyA==

GET
H/1.1 200
OK av_old.js Show response
cdn.holmesmind.com/js/ Frame 1828 4 KB
4 KB 14ms
8ms Script
application/javascript 2600:9000:223c:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.holmesmind.com/js/av_old.js
Requested by: Host: ad.doublemax.net
URL: http://ad.doublemax.net/adserver/ads.js?tid=100515269&rf=http%3A%2F%2Fwherebank.com%2F&n=208&o=1&d=1&b=2
Protocol: HTTP/1.1
Server: 2600:9000:223c:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04431a827a36b70d9174180e526ed0000fee866c9688c4009da71d863d5bb73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: yN5QEOVRFdZvtoDLKUg0iTTHj.NO8.Qr
Date: Wed, 26 Apr 2023 06:55:18 GMT
Via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
Last-Modified: Tue, 25 Apr 2023 08:17:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 34
x-amz-server-side-encryption: AES256
ETag: "77d512f8676b6b3f12cadd9df9d1a1e0"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3990
X-Amz-Cf-Id: c8S-XP8VyuDokfU5TwtpQ-Lqi8FcJ0ESu6PrrBbBFXP27EXiXhn53A==

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA4) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Content-Encoding: gzip
Age: 3578577
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (amb/6BA4)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame D47C 2 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: X_FZGTPSs9ero4MIGmhYRkOP3.WVjbBs
date: Wed, 26 Apr 2023 06:55:42 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 08:18:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 18
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: KVHIm7As-O8fFuPKKsNiWzh0Jsnz3pVSXj7sTv8PdgtykdLNJvG_Aw==

GET
H/1.1 200
OK c9f2eb766b6c4c9cfbcff3d8c593ea3d.gif
cdn.holmesmind.com/image/15679/ Frame D47C 85 KB
85 KB 8ms
8ms Image
image/gif 2600:9000:223c:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.holmesmind.com/image/15679/c9f2eb766b6c4c9cfbcff3d8c593ea3d.gif
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 2600:9000:223c:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1a19dcf2384af138c67dbe6395455c9637b9fb9ac1737681878dab0cd5ed43f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 03:30:32 GMT
x-amz-version-id: NDQK_Gva6qTXM2CNfNVNJ3NYXJYKLISR
Via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Feb 2023 05:56:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 12320
ETag: "ce5f6d151427b1e05fb19b56f9cb5607"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86806
X-Amz-Cf-Id: dcRM6p8P09tuIM9pd3_PKY_jIdBQLBYbBiEtEC3IKsLcmZSHeuwm-w==

GET i
ad.holmesmind.com/adserver/ Frame D47C 0
0

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame 1828 2 KB
2 KB 6ms
6ms Script
application/javascript 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: X_FZGTPSs9ero4MIGmhYRkOP3.WVjbBs
date: Wed, 26 Apr 2023 06:55:42 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 08:18:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 18
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: 1rMCSffUb6ts3VAWlkN1JH7jDq7nFrUWJ7Gh-230L9OQ9QjQC4Omiw==

GET
H/1.1 200
OK c9f2eb766b6c4c9cfbcff3d8c593ea3d.gif
cdn.holmesmind.com/image/15812/ Frame 1828 85 KB
85 KB 8ms
7ms Image
image/gif 2600:9000:223c:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.holmesmind.com/image/15812/c9f2eb766b6c4c9cfbcff3d8c593ea3d.gif
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 2600:9000:223c:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1a19dcf2384af138c67dbe6395455c9637b9fb9ac1737681878dab0cd5ed43f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 03:58:11 GMT
x-amz-version-id: _bvOwlpKqr9SFbtGruk3i8ZOBopd_NQm
Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
Last-Modified: Wed, 01 Mar 2023 03:05:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 10661
ETag: "ce5f6d151427b1e05fb19b56f9cb5607"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86806
X-Amz-Cf-Id: s5te1R9j8r9-7-iuAvraNuAU3NYE07naPapyVP-fQuQI5CMFuJqD5Q==

GET
H/1.1 200
OK i
ad.holmesmind.com/adserver/ Frame 1828 0
169 B 491ms
250ms Image
image/png 52.197.12.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad.holmesmind.com/adserver/i?ut=1682492151&p=2108:70093:148572:6dc90bdbb06ad399e473da30be57bb5f:15812
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Server: 52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:51 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 4252 37 KB
14 KB 13ms
12ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA4) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3578546
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Apr 2023 06:55:51 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA4)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
127 B 124ms
123ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwherebank.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1682492151585%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=2a92bfc59ea9ac0fdd5a431f8e46059928e74aeb

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 26 Apr 2023 06:55:51 GMT
strict-transport-security: max-age=631138519
last-modified: Wed, 26 Apr 2023 06:55:51 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 9e5e361636952a0e
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 6bedbe072de3852907ff6445f49ea1ed2d390cb7962c6ca60f0f9bda62c2510f
content-length: 43

GET
DATA 200
OK truncated
/ Frame 4252 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adsbyscupio.js Show response
img.scupio.com/js/ Frame 9304 4 KB
2 KB 7ms
7ms Script
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:53:21 GMT
content-encoding: gzip
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:30:31 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
age: 152
etag: W/"607cf957-11ab"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: ZQKjJxWJMUyABTCAdnyPuDbgjCAHfeT6d_FuhFt4kEQowo1ET1lSew==
expires: Wed, 26 Apr 2023 09:53:20 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame D1BF 2 KB
2 KB 1115ms
280ms XHR
application/javascript 203.69.60.97
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.8328590359566299
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-97.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 68d16955919061ddef2eb1bde9aabf790c93e5cd58e9a7dec711318d687bdce8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 26 Apr 2023 06:55:52 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1482

GET
H2 200 edmpVL.js Show response
cdn.holmesmind.com/js/ Frame 67F6 10 KB
10 KB 10ms
10ms Script
application/javascript 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmpVL.js
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: V6vJvRoe3hNFFsbu72KHMeNT7eBYvA.k
date: Wed, 26 Apr 2023 06:55:18 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 08:17:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 35
x-amz-server-side-encryption: AES256
etag: "bb1f54e9cb2e7c9c3e3c1b5adae79ccb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10022
x-amz-cf-id: pM5avdoNZ9gquDsuA8XD34bJ1p5wV250hynMzXf03doh5fsJtdLyNg==

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame A0AB 17 KB
18 KB 8ms
8ms Script
application/javascript 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16be4732369bed69d2ddb41d61adf1936cf47cd5f24b986b9769af99ad5bbe83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: U4DEmX2POsqEmBxZaI0PIJ1pbDUUpQlc
date: Wed, 26 Apr 2023 06:55:18 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 08:18:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 35
x-amz-server-side-encryption: AES256
etag: "6a678a06d6d5e5cce801fa3da3d54280"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17516
x-amz-cf-id: ynXfgCi8lDWn_xDwm3LG-BJKnxF2EYX9kRpF480N6uibAJOpr2I1CQ==

GET
H2 200 av_old.js Show response
cdn.holmesmind.com/js/ Frame A0AB 4 KB
4 KB 10ms
10ms Script
application/javascript 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/av_old.js
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04431a827a36b70d9174180e526ed0000fee866c9688c4009da71d863d5bb73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: yN5QEOVRFdZvtoDLKUg0iTTHj.NO8.Qr
date: Wed, 26 Apr 2023 06:55:18 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 08:17:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 35
x-amz-server-side-encryption: AES256
etag: "77d512f8676b6b3f12cadd9df9d1a1e0"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3990
x-amz-cf-id: yhfMgi5xt2Lr3M8TUtP8xR2-_peTRLNWI3kObsdIjfWV-c53ZE_BrA==

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 67F6 3 KB
3 KB 1126ms
284ms XHR
application/javascript 203.69.60.97
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.42111026173920774
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-97.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0b66f713e17baf96ca2f41c0f7d4acccb1727eb3b1f27de168c0bef3e29086e3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 26 Apr 2023 06:55:52 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1631

GET
DATA 200
OK truncated
/ Frame 67F6 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D1BF 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 160x600.jpg
img.scupio.com/img/padding/ Frame 9304 67 KB
68 KB 8ms
7ms Image
image/jpeg 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/img/padding/160x600.jpg
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: ad646482f9c46e3cad35f44a02dfb1bd79e20acac867e683dd603e900c5641a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 05:59:11 GMT
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:31:40 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
age: 3400
etag: "607cf99c-10cfe"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 68862
x-amz-cf-id: SEpKqNA76DGp7UVfxJFGo-7igyODNSlvUk4uLr06W0gF6l9oINmO5A==
expires: Thu, 25 Apr 2024 05:59:11 GMT

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame A0AB 2 KB
2 KB 7ms
6ms Script
application/javascript 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: X_FZGTPSs9ero4MIGmhYRkOP3.WVjbBs
date: Wed, 26 Apr 2023 06:55:42 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 08:18:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 19
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: vVepITePzHG0vGdzfpVgit0Lx9kWczowQpm0inkkmbO4MVdIipEW3w==

GET
H2 200 734f3f2dbbea7a55e67788dbdcbd7865.jpg
cdn.holmesmind.com/image/16076/ Frame A0AB 85 KB
86 KB 8ms
7ms Image
image/jpeg 2600:9000:223c:ea00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/16076/734f3f2dbbea7a55e67788dbdcbd7865.jpg
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a05b46de3d273f68923007c4b18455cf8630c035046f1f7467fa839b046af6a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 11:51:16 GMT
x-amz-version-id: tuzDPPrXn_6PL8fINMhxQYDOrIcqw.nf
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Fri, 10 Mar 2023 09:48:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 68677
etag: "dbd2a639d6492ca16de2d810e9766b26"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 87502
x-amz-cf-id: rSCl4HcI-o88ybNRaRCDZe8hTa0SQdjD_Bp9FLy0QOE4Jfs87H0HZw==

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame A0AB 0
77 B 249ms
248ms Image
image/png 35.78.33.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1682492151&p=13538:71285:150194:161480546a238729d12c58dbd1524069:16076
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.33.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-33-195.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/png
date: Wed, 26 Apr 2023 06:55:52 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame A0AB 0
152 B 833ms
833ms Script
text/html 35.78.33.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=13538:71285:150194:161480546a238729d12c58dbd1524069:16076&type=0
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/av_old.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.33.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-33-195.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 syndication.js Show response
s.yimg.com/uv/dm/scripts/ 25 KB
10 KB 381ms
14ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uv/dm/scripts/syndication.js

Requested by

Host: ad.sitemaji.com
URL: http://ad.sitemaji.com/ysm_wherebank.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

71e8642e85aa88dd75824a1f2fe699393d3a74b053e1bee5781365a4a6b2030f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:54:55 GMT
x-amz-version-id: gWViWwvKJRUkkckRWgl3kGxErqBmpXh2
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 62C9W7D31T87E5WF
age: 58
x-amz-server-side-encryption: AES256
x-amz-id-2: sWbA20OqjqLVPXrdrNA+jL7jn/w/Pg1MdS1cTcEM2/33F416umC9F7vB2pU+oZ0mglaI3Ff/zMO0sw1PudKYcA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Aug 2022 22:08:26 GMT
server: ATS
etag: "061f260eea475d7a84fe9d459891db86-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=60
accept-ranges: bytes

GET tagging
pubs2-asia.creativecdn.com/bidder/pubs/ Frame BE63 0
0

GET
H2 502 setCookie
clg.doublemax.net/adserver/rtbHouse/ Frame BE63 0
0 354ms
267ms Image
text/html 35.186.230.197
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clg.doublemax.net/adserver/rtbHouse/setCookie?rhtg_rta_clickforce=&expired=86400
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.230.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.230.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET tagging
pubs2-asia.creativecdn.com/bidder/pubs/ Frame 3537 0
0

GET
H2 502 setCookie
clg.doublemax.net/adserver/rtbHouse/ Frame 3537 0
0 354ms
268ms Image
text/html 35.186.230.197
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clg.doublemax.net/adserver/rtbHouse/setCookie?rhtg_rta_clickforce=&expired=86400
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.230.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.230.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET tagging
pubs2-asia.creativecdn.com/bidder/pubs/ Frame 24B1 0
0

GET
H2 502 setCookie
clg.doublemax.net/adserver/rtbHouse/ Frame 24B1 0
0 344ms
268ms Image
text/html 35.186.230.197
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clg.doublemax.net/adserver/rtbHouse/setCookie?rhtg_rta_clickforce=&expired=86400
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.230.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.230.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame F654 0
217 B 763ms
238ms Document
text/html 54.92.30.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.doublemax.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 06:55:52 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame 1FBE 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame F0C5 5 KB
3 KB 1680ms
276ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 26 Apr 2023 07:05:53 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame F0C5
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
510 B

124ms
119ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 26 Apr 2023 06:55:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame F0C5 0
217 B 987ms
462ms Image
text/html 54.92.30.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame CF54
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
512 B

127ms
122ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 26 Apr 2023 06:55:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame CF54 0
217 B 759ms
235ms Image
text/html 54.92.30.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame ABEA 0
217 B 757ms
235ms Document
text/html 54.92.30.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.doublemax.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 06:55:52 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame EF30 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame CF54 5 KB
3 KB 1679ms
278ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 26 Apr 2023 07:05:53 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 7E92
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
511 B

125ms
119ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 26 Apr 2023 06:55:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 7E92 0
218 B 754ms
234ms Image
text/html 54.92.30.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 89D8 0
217 B 755ms
237ms Document
text/html 54.92.30.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.30.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-30-56.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.doublemax.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 06:55:52 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame 31A6 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 7E92 5 KB
3 KB 1678ms
280ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 26 Apr 2023 07:05:53 GMT

GET
H2 200 / Show response
partnerads-test.ysm.yahoo.net/ypa/ Frame 9AC4 2 KB
2 KB 204ms
165ms Document
text/html 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://partnerads-test.ysm.yahoo.net/ypa/?aws=rev&ct=2&c=000000654&u=http%3A%2F%2Fwherebank.com%2F&r=&w=1&tv=&tt=com&lo=&ty=&ts=1682492152506&ao=&h=1&CoNo=81529d79d1403a65&dT=1&er=0&si=p-digitalwall_2%3A100%25x232&psti=eyJkdCI6eyJhdSI6eyJjbCI6Ii8vYWQuc2l0ZW1hamkuY29tL3lwYS9kaWdpdGFsd2FsbC5jc3MifSwiaWlhIjp7ImFsaSI6ImxlZnQifX19

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/uv/dm/scripts/syndication.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS / Express

Resource Hash

c8b74257b6c6791a5ef4781054a6ba2f45e9d331b0b269a4392d931d8c2c4272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
content-length: 1594
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 06:55:52 GMT
etag: W/"63a-NcYu9nypcREsmGs7g/O1VXY+bng"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ 42 B
336 B 124ms
123ms Image
image/gif 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=1&rn=5.414210808083152

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YB42KP71C610F5NS
age: 0
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: Is7zCcrqQUA6kf0ZVeDT1LQ0nTJbilK175Yqhsz1GhVmOHtxq3hmp1bcIbT0gyHRgDzagIFy1ig=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/gif
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ 42 B
180 B 407ms
406ms Image
image/gif 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=2&rn=5.414210808083152

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YB45BFSMF2N0ZC6A
age: 0
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: ZyzWjIoLddy023KcoWAhbfbv5nPgSHL6C9TaXUjmBYAl/ffZoKMln2J0DDc/5xtxXnSepTtlSbU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/gif
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H/1.1 200
OK av Show response
ad.holmesmind.com/adserver/ Frame D47C 0
257 B 3520ms
3519ms Script
text/html 52.197.12.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.holmesmind.com/adserver/av?p=2111:69639:147876:76055cb8c6e2362b6a3b3cfa759fcd19:15679&type=1
Requested by: Host: cdn.holmesmind.com
URL: http://cdn.holmesmind.com/js/av_old.js
Protocol: HTTP/1.1
Server: 52.197.12.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-12-20.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:55 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET av
ad.holmesmind.com/adserver/ Frame 1828 0
0

GET
H2 200 resizeads.js Show response
s.yimg.com/uv/dm/scripts/ Frame 9AC4 552 B
988 B 15ms
14ms Script
text/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uv/dm/scripts/resizeads.js

Requested by

Host: partnerads-test.ysm.yahoo.net
URL: https://partnerads-test.ysm.yahoo.net/ypa/?aws=rev&ct=2&c=000000654&u=http%3A%2F%2Fwherebank.com%2F&r=&w=1&tv=&tt=com&lo=&ty=&ts=1682492152506&ao=&h=1&CoNo=81529d79d1403a65&dT=1&er=0&si=p-digitalwall_2%3A100%25x232&psti=eyJkdCI6eyJhdSI6eyJjbCI6Ii8vYWQuc2l0ZW1hamkuY29tL3lwYS9kaWdpdGFsd2FsbC5jc3MifSwiaWlhIjp7ImFsaSI6ImxlZnQifX19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fa4e782ea40343766d7e3fb3abb3617cc2fc1cb8b3ad6804fea38e988e8cc019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partnerads-test.ysm.yahoo.net/ypa/?aws=rev&ct=2&c=000000654&u=http%3A%2F%2Fwherebank.com%2F&r=&w=1&tv=&tt=com&lo=&ty=&ts=1682492152506&ao=&h=1&CoNo=81529d79d1403a65&dT=1&er=0&si=p-digitalwall_2%3A100%25x232&psti=eyJkdCI6eyJhdSI6eyJjbCI6Ii8vYWQuc2l0ZW1hamkuY29tL3lwYS9kaWdpdGFsd2FsbC5jc3MifSwiaWlhIjp7ImFsaSI6ImxlZnQifX19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:49:25 GMT
x-amz-version-id: null
x-amz-meta-created-date: Tue, 26 Sep 2017 21:10:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: EDKG2TASKVS4P3CD
age: 388
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1506460207368868
content-length: 552
x-amz-id-2: lshIsACPK//QPfRPJ1VYPs+XKJsKRDbFbFAAvPGzJlyZxSSVaugboMW3HkcYFdoZBmjR+K1SynE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 09 Mar 2018 19:27:39 GMT
server: ATS
etag: "ac896c9a394bedd6e62ae0f9cb825a3b"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600,public
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:ae448b35-dea0-4bac-9364-1b107400ba8900055a1e19874aa4"
x-amz-meta-x-ysws-access: public
expires: Fri, 09 Mar 2018 19:37:38 GMT

GET
H2 200 / Show response
partnerads-test.ysm.yahoo.net/ypa/ Frame BED4 2 KB
2 KB 67ms
66ms Document
text/html 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://partnerads-test.ysm.yahoo.net/ypa/?aws=rev&ct=2&c=000000654&u=http%3A%2F%2Fwherebank.com%2F&r=&w=1&tv=&tt=%E5%A4%96%E5%8C%AF&lo=&ty=&ts=1682492152761&ao=&h=1&CoNo=4ae498963d5723a8&dT=1&er=0&si=p-digitalwall_2%3A100%25x232&psti=eyJkdCI6eyJhdSI6eyJjbCI6Ii8vYWQuc2l0ZW1hamkuY29tL3lwYS9kaWdpdGFsd2FsbC5jc3MifSwiaWlhIjp7ImFsaSI6ImxlZnQifX19

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/uv/dm/scripts/syndication.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS / Express

Resource Hash

c8b74257b6c6791a5ef4781054a6ba2f45e9d331b0b269a4392d931d8c2c4272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
content-length: 1594
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 06:55:52 GMT
etag: W/"63a-NcYu9nypcREsmGs7g/O1VXY+bng"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ 42 B
181 B 120ms
119ms Image
image/gif 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=1&rn=8.992474303278819

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YB4877HKD8XE6NHF
age: 0
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: DfpuhuIVVYtaYpqt025K/hSj2Ubxj4Bx/JuS+mA659w7yNmO1UO5hqWO1fJonopYuXZGHZFyx0g=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/gif
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ 42 B
187 B 119ms
118ms Image
image/gif 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=2&rn=8.992474303278819

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YB4C57FW1QNYBTVM
age: 0
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: LrcbZk0naRV4nvq8kZonw3deo4qdw2IYjr473w/MwpKwP984rD07A4Q1dtyGm8etu1tfqlg4f0axfwW030oNSw==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/gif
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 67F6 87 KB
28 KB 72ms
31ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Apr 2023 06:55:52 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame D1BF 87 KB
28 KB 50ms
43ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Apr 2023 06:55:52 GMT

GET
H2 200 resizeads.js Show response
s.yimg.com/uv/dm/scripts/ Frame BED4 552 B
595 B 17ms
16ms Script
text/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uv/dm/scripts/resizeads.js

Requested by

Host: partnerads-test.ysm.yahoo.net
URL: https://partnerads-test.ysm.yahoo.net/ypa/?aws=rev&ct=2&c=000000654&u=http%3A%2F%2Fwherebank.com%2F&r=&w=1&tv=&tt=%E5%A4%96%E5%8C%AF&lo=&ty=&ts=1682492152761&ao=&h=1&CoNo=4ae498963d5723a8&dT=1&er=0&si=p-digitalwall_2%3A100%25x232&psti=eyJkdCI6eyJhdSI6eyJjbCI6Ii8vYWQuc2l0ZW1hamkuY29tL3lwYS9kaWdpdGFsd2FsbC5jc3MifSwiaWlhIjp7ImFsaSI6ImxlZnQifX19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fa4e782ea40343766d7e3fb3abb3617cc2fc1cb8b3ad6804fea38e988e8cc019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partnerads-test.ysm.yahoo.net/ypa/?aws=rev&ct=2&c=000000654&u=http%3A%2F%2Fwherebank.com%2F&r=&w=1&tv=&tt=%E5%A4%96%E5%8C%AF&lo=&ty=&ts=1682492152761&ao=&h=1&CoNo=4ae498963d5723a8&dT=1&er=0&si=p-digitalwall_2%3A100%25x232&psti=eyJkdCI6eyJhdSI6eyJjbCI6Ii8vYWQuc2l0ZW1hamkuY29tL3lwYS9kaWdpdGFsd2FsbC5jc3MifSwiaWlhIjp7ImFsaSI6ImxlZnQifX19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:49:25 GMT
x-amz-version-id: null
x-amz-meta-created-date: Tue, 26 Sep 2017 21:10:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: EDKG2TASKVS4P3CD
age: 388
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1506460207368868
content-length: 552
x-amz-id-2: lshIsACPK//QPfRPJ1VYPs+XKJsKRDbFbFAAvPGzJlyZxSSVaugboMW3HkcYFdoZBmjR+K1SynE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 09 Mar 2018 19:27:39 GMT
server: ATS
etag: "ac896c9a394bedd6e62ae0f9cb825a3b"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600,public
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:ae448b35-dea0-4bac-9364-1b107400ba8900055a1e19874aa4"
x-amz-meta-x-ysws-access: public
expires: Fri, 09 Mar 2018 19:37:38 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 71F5 15 KB
6 KB 42ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wherebank.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 06:55:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 350387
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 67F6 87 KB
28 KB 75ms
43ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Apr 2023 06:55:52 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3575 15 KB
6 KB 35ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wherebank.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 06:55:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 363251
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame D1BF 87 KB
28 KB 55ms
32ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Apr 2023 06:55:52 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 71F5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=wherebank.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ix8IQnxmVXBVbkw3UXRzQmk5SEFreU5YSllZa2JRWWF6OHk2RDBJWVV5bkxiaEkxY2VwVGxvd053emlXb09IVksyL0czUkVSc01CdHdpQjJ4Mlh0UVhlMkRIVzhJMlNsUXlLQ0xhd0tLS2hpNWl2MHdHY2pTWmxXUEdCRz...

425 B
655 B

174ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ix8IQnxmVXBVbkw3UXRzQmk5SEFreU5YSllZa2JRWWF6OHk2RDBJWVV5bkxiaEkxY2VwVGxvd053emlXb09IVksyL0czUkVSc01CdHdpQjJ4Mlh0UVhlMkRIVzhJMlNsUXlLQ0xhd0tLS2hpNWl2MHdHY2pTWmxXUEdCRzRRcGlJYkZzNS9kWGpmMWoxdjhGaXBSU0pmNmRkT2Z4Zk5lL1QxTzg4VHZuTlZuMkM2VVo5bEdVSkFNbm9HZ2xHaVpHbXBJOGdtU2phMEl6VFpGWjh4NlY5MS9ud0JkNERYRWYxUjZBbGJiU05OMUhhWkhEcnNVNlpOOHJ5MWN4ZFlYb0pYMnFvQjIvckdieEpkT0JJeHZuL0pXSHVYV2xGbHNsRXI2YXVObUhmNVY2SXg3cz18&cppv=2

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

95c1add671fbd055408f04789aabe80c5781059744ed1c15e7c9aca337090d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1708929
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ix8IQnxmVXBVbkw3UXRzQmk5SEFreU5YSllZa2JRWWF6OHk2RDBJWVV5bkxiaEkxY2VwVGxvd053emlXb09IVksyL0czUkVSc01CdHdpQjJ4Mlh0UVhlMkRIVzhJMlNsUXlLQ0xhd0tLS2hpNWl2MHdHY2pTWmxXUEdCRzRRcGlJYkZzNS9kWGpmMWoxdjhGaXBSU0pmNmRkT2Z4Zk5lL1QxTzg4VHZuTlZuMkM2VVo5bEdVSkFNbm9HZ2xHaVpHbXBJOGdtU2phMEl6VFpGWjh4NlY5MS9ud0JkNERYRWYxUjZBbGJiU05OMUhhWkhEcnNVNlpOOHJ5MWN4ZFlYb0pYMnFvQjIvckdieEpkT0JJeHZuL0pXSHVYV2xGbHNsRXI2YXVObUhmNVY2SXg3cz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 381507
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3575
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=wherebank.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=8BAuWnxaUEVYK1NCVHdwRlJvaFFQdi9hR21pS09hamg5M0hEWHFscFY5R3RoVm9rSGtLNC82Z2NEaUpVVG0zRUZxc0lTNHBUOW5qMEtXczF0NWNFMnc2K1JxS3hjMzJ4YWcvekl3Z29VdndVS1dXcjVZcXZqbXdGRTkydD...

446 B
659 B

175ms
19ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8BAuWnxaUEVYK1NCVHdwRlJvaFFQdi9hR21pS09hamg5M0hEWHFscFY5R3RoVm9rSGtLNC82Z2NEaUpVVG0zRUZxc0lTNHBUOW5qMEtXczF0NWNFMnc2K1JxS3hjMzJ4YWcvekl3Z29VdndVS1dXcjVZcXZqbXdGRTkydDJMQlFkRkFaTDQxS2NnOURVdWY3d1lVNm9aNnN2RzQzR1BYMkEvdE1QNWVEaDNBOGJveXdFNW9OWk1BL1NOdFRteURyaVpmREhuTk1yMW9kZXBUWmN5YlJ1aW5zSWRpTUdFTmZMTTJ1SzVrenRneEE0RlZ5ME5zRk5NcG9kc21EMG1FbHRpc09uNWxmVWFqMFJSQ3orVXQyZWNUa09jMmFwa0ZseGNzdUI2YUNMU0owSTAxbz18&cppv=2

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9466725501d46e07524fe85e431b4ca745db4ffb57c756a963e8fd3291caf14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1680776
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8BAuWnxaUEVYK1NCVHdwRlJvaFFQdi9hR21pS09hamg5M0hEWHFscFY5R3RoVm9rSGtLNC82Z2NEaUpVVG0zRUZxc0lTNHBUOW5qMEtXczF0NWNFMnc2K1JxS3hjMzJ4YWcvekl3Z29VdndVS1dXcjVZcXZqbXdGRTkydDJMQlFkRkFaTDQxS2NnOURVdWY3d1lVNm9aNnN2RzQzR1BYMkEvdE1QNWVEaDNBOGJveXdFNW9OWk1BL1NOdFRteURyaVpmREhuTk1yMW9kZXBUWmN5YlJ1aW5zSWRpTUdFTmZMTTJ1SzVrenRneEE0RlZ5ME5zRk5NcG9kc21EMG1FbHRpc09uNWxmVWFqMFJSQ3orVXQyZWNUa09jMmFwa0ZseGNzdUI2YUNMU0owSTAxbz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 374804
content-length: 0
expires: 0

GET
H2 200 p
search.yahoo.com/beacon/geop/ 43 B
509 B 223ms
40ms Image
image/gif 2a00:1288:110:c104::2000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://search.yahoo.com/beacon/geop/p?s=1197646563&abk=0&t=1682492153007&cono=81529d79d1403a65&aC=000000654

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, enforce
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43
x-xss-protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 1C69 1 KB
1 KB 8ms
7ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1413
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 06:32:20 GMT
etag: W/"583295c9-4dc"
expires: Wed, 03 May 2023 06:32:20 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-id: tEvlqUoygsPzE9AlnfgdwWmYqHmqW5loUqjYUKiGwjd4091rCoGRGw==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame A0DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hBMjAyMzA0MjYxNDU1NTI3MzU1ODU%3d&layout=js
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1hBMjAyMzA0MjYxNDU1NTI3MzU1ODU%3D&layout=js&google_tc=
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBwn2822gDwy2XXaJ7hZ-0A&google_cver=1&google_ula=3918219,0

0
551 B

1138ms
281ms

Script
text/javascript

203.69.60.96
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBwn2822gDwy2XXaJ7hZ-0A&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-96.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBwn2822gDwy2XXaJ7hZ-0A&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B910
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

68ms
23ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Apr 2023 06:55:53 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 26 Apr 2023 06:55:53 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H2 200 /
www.facebook.com/tr/ Frame A0DA 0
185 B 28ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1682492153175&cd[SBST]=27&cd[PuID]=Digit

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Apr 2023 06:55:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame A0DA 35 B
413 B 389ms
93ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXA20230426145552735585
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:53 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame A6F2 1 KB
1 KB 7ms
6ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-37.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1413
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 06:32:20 GMT
etag: W/"583295c9-4dc"
expires: Wed, 03 May 2023 06:32:20 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-id: A1hMY46Gia-ovs_b5Mitc8OtEOLYTGyfpJyT7vt0C7id1--3v4drTA==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame E9D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q01BMjAyMzA0MjYxNDU1NTM2NDcwNjY%3d&layout=js
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q01BMjAyMzA0MjYxNDU1NTM2NDcwNjY%3D&layout=js&google_tc=
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBxNTG7Y5lFNGgMEnKmp8cQ&google_cver=1&google_ula=3918219,0

0
551 B

1139ms
281ms

Script
text/javascript

203.69.60.96
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBxNTG7Y5lFNGgMEnKmp8cQ&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-96.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEBxNTG7Y5lFNGgMEnKmp8cQ&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 418D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

52ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Apr 2023 06:55:53 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 26 Apr 2023 06:55:53 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H2 200 /
www.facebook.com/tr/ Frame E9D9 0
31 B 19ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1682492153187&cd[SBST]=27&cd[PuID]=Digit&cd[labelsource]=sp&ud[external_id]=53df05d07c933f9c9ac522040b3b0e8a6eb5f54fd65399a319de318625fc099b

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Apr 2023 06:55:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame E9D9 35 B
413 B 387ms
97ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CMA20230426145553647066
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:53 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 p
search.yahoo.com/beacon/geop/ 43 B
100 B 36ms
36ms Image
image/gif 2a00:1288:110:c104::2000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://search.yahoo.com/beacon/geop/p?s=1197646563&abk=0&t=1682492153264&cono=4ae498963d5723a8&aC=000000654

Requested by

Host: wherebank.com
URL: http://wherebank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wherebank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, enforce
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43
x-xss-protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 418D 34 KB
10 KB 58ms
58ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bee64d4884c50c52cb3fa8facf0e7e5dcf2ca8da7f557235140618ab22f516d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Apr 2023 17:16:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37220
Connection: keep-alive
Content-Length: 10019
Expires: Wed, 26 Apr 2023 17:16:13 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B910 34 KB
10 KB 10ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bee64d4884c50c52cb3fa8facf0e7e5dcf2ca8da7f557235140618ab22f516d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 06:55:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Apr 2023 17:16:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37220
Connection: keep-alive
Content-Length: 10019
Expires: Wed, 26 Apr 2023 17:16:13 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B910 284 B
536 B 48ms
11ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 418D 284 B
536 B 10ms
9ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 418D 0
239 B 726ms
166ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame F0C5 37 B
408 B 279ms
279ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

99ecd7d3caa448d2264bcd78458c3ca8e2e97c61ced0cf90a7eb2bb2d294297f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.doublemax.net
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame CF54 37 B
407 B 279ms
279ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7a55680513a6976590517321235228b7faf47e7f408f8d7061cf39011d134407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.doublemax.net
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 7E92 37 B
408 B 279ms
279ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

cc3b98c5b156df00a96038fdaeeae302ad2a4ef11b96661f937924633179883e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.doublemax.net
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame F0C5 30 B
277 B 279ms
279ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=07646b22-5089-4e27-8676-0589a59d2624

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.doublemax.net
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame CF54 30 B
277 B 279ms
278ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=e340c90f-1d05-41ad-a40d-f181c9d71a4a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.doublemax.net
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 7E92 30 B
277 B 279ms
278ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=fdf07970-eef9-43c2-86c9-6420f3817f0e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.doublemax.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.doublemax.net
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 like.php Show response
www.facebook.com/v2.6/plugins/ Frame 14BD 49 KB
17 KB 212ms
211ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36973b72aece5c%26domain%3Dwherebank.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwherebank.com%252Ff270d15fe4e358%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=http%3A%2F%2Fwherebank.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0d745a7459f1cfbf23d001e5a9c961cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c9807752d72d30adda9a6f344afd5f83347ba4a370059e1479e3f4c4500dae8

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://wherebank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 26 Apr 2023 06:55:54 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: QB0njb/C3xD2da6k3m1bBkhQDZ+9Tzb+y5VqEBIXTcvDyO6znEM9DdqWomRt9WoFx7TgYwsJTh2EETdaTPtARA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 14BD 299 B
546 B 7ms
6ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36973b72aece5c%26domain%3Dwherebank.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwherebank.com%252Ff270d15fe4e358%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=http%3A%2F%2Fwherebank.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:54 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: ByqAL1kU1XRubfqLrS/DJaB8l5EYS9g9jCgX/yHxrdvoJw9XNEwxOTE1vULX7ZyzSKcWTIgzcvaXuBSusoslHw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Apr 2024 00:18:23 GMT

GET
H2 200 hXs8TvMxUx0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/ Frame 14BD 512 KB
133 KB 23ms
9ms XHR
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/hXs8TvMxUx0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b385d225f277642b481cce1e9fa8375fee8918464a3836de387a54562167c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wUh8BQn32QX8gBJjK1YqBA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 135747
x-fb-rlafr: 0
x-fb-debug: RmwGMBmxIsra+jLJgbp9k7Zlq717ygRpIhW6F2fRnpERE7T3KlkDMPKSGLy7HUJYCBmsrsZ/8z/9B7J4+GrAtw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 23 Apr 2024 19:52:16 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 40ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwherebank.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 26 Apr 2023 06:55:54 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 270058
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame D1BF 2 B
372 B 14ms
14ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwherebank.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 298790
expires: 0

GET
H3 200 cm
c.holmesmind.com/ Frame D1BF 0
15 B 1190ms
1189ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: wherebank.com
URL: http://wherebank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:56 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 35ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwherebank.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 26 Apr 2023 06:55:54 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 278484
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 67F6 2 B
372 B 14ms
13ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwherebank.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 06:55:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 279406
expires: 0

GET
H3 200 cm
c.holmesmind.com/ Frame 67F6 0
15 B 1191ms
1191ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 06:55:56 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: ad.holmesmind.com
URL: http://ad.holmesmind.com/adserver/i?ut=1682492151&p=2111:69639:147876:76055cb8c6e2362b6a3b3cfa759fcd19:15679

Domain: pubs2-asia.creativecdn.com
URL: https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg

Domain: pubs2-asia.creativecdn.com
URL: https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg

Domain: pubs2-asia.creativecdn.com
URL: https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: ad.holmesmind.com
URL: http://ad.holmesmind.com/adserver/av?p=2108:70093:148572:6dc90bdbb06ad399e473da30be57bb5f:15812&type=1

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wherebank.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQQBBRAAD Value: NAFMAOPDAJCIAIIEOAJACEBC
.wherebank.com/	1970-01-20 20:57:32	Name: __utma Value: 223702365.298535185.1682492151.1682492151.1682492151.1
.wherebank.com/	1969-12-31 23:59:59	Name: __utmc Value: 223702365
.wherebank.com/	1970-01-20 15:44:20	Name: __utmz Value: 223702365.1682492151.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.wherebank.com/	1970-01-20 11:21:32	Name: __utmt Value: 1
.wherebank.com/	1970-01-20 11:21:33	Name: __utmb Value: 223702365.1.10.1682492151
wherebank.com/	1970-01-20 20:51:46	Name: __atuvc Value: 1%7C17
wherebank.com/	1970-01-20 11:21:33	Name: __atuvs Value: 6448caf68f4f8a7c000
.addthis.com/	1970-01-20 20:51:46	Name: uvc Value: 1%7C17
.adnxs.com/	1970-01-20 13:31:08	Name: uuid2 Value: 6516107681588553300
.addthis.com/	1970-01-20 20:51:46	Name: loc Value: MDAwMDBFVVJPMEIyMjQ1MjA2MTAwMDAwMDBDSA==
.holmesmind.com/	1970-01-20 11:42:39	Name: Vision Value: 20230426-23:59,20230426-17,20230426-17,20230426-23:59
.holmesmind.com/	1970-01-20 11:42:39	Name: C Value: null
.holmesmind.com/	1970-01-20 13:46:29	Name: RK Value: null
.holmesmind.com/	1970-01-20 20:57:32	Name: P Value: 539234-S0A5bNMbluxPyD3cnAzMHddF8ZZCsTGK
.criteo.com/	1970-01-20 20:43:08	Name: uid Value: f688ee6a-59fa-4ce3-9031-76ce315ca0c9
.scupio.com/	1970-01-20 11:31:36	Name: fxc Value: 1
.scupio.com/	1970-01-20 20:08:34	Name: OrgKeyValue Value: CMA20230426145553647066
.scupio.com/	1970-01-20 20:08:34	Name: gx Value: H4sIAHk7SWQA%2fxNmYGDg4ub48ujJp5Xdj60FWIVYOOwFmADWn8zmFwAAAA%3d%3d
.doubleclick.net/	1970-01-20 20:43:08	Name: IDE Value: AHWqTUn5aSeVujNOj4HTemnwPxQN72OvC81_IFi5QwiymdW809W4EnXRsD3KmMZCkmQ
.aralego.com/	1970-01-20 20:07:08	Name: gdpr Value: 1
.aralego.com/	1970-01-20 20:07:08	Name: sspid Value: d67994fe-d8c2-35ed-b579-1f41d28fde53
.hinet.net/	1970-01-20 20:57:32	Name: uuid Value: fdf07970-eef9-43c2-86c9-6420f3817f0e
.scupio.com/	1970-01-20 11:31:36	Name: gxc Value: 1

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://wherebank.com/(Line 189) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://wherebank.com/(Line 189) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html Message: Access to XMLHttpRequest at 'https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg' from origin 'https://cdn.doublemax.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html Message: Access to XMLHttpRequest at 'https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg' from origin 'https://cdn.doublemax.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cdn.doublemax.net/js/rtbhouse/rtbhousemapping.html Message: Access to XMLHttpRequest at 'https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg' from origin 'https://cdn.doublemax.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pubs2-asia.creativecdn.com/bidder/pubs/tagging?type=json&group=F7HElL9HGG4uutaqPwUg Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://clg.doublemax.net/adserver/rtbHouse/setCookie?rhtg_rta_clickforce=&expired=86400 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://clg.doublemax.net/adserver/rtbHouse/setCookie?rhtg_rta_clickforce=&expired=86400 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://clg.doublemax.net/adserver/rtbHouse/setCookie?rhtg_rta_clickforce=&expired=86400 Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doublemax.net
ad.holmesmind.com
ad.sitemaji.com
ajax.googleapis.com
api-public.addthis.com
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.doublemax.net
cdn.holmesmind.com
clg.doublemax.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
connect.facebook.net
eland.doublemax.net
eus.rubiconproject.com
fcm.holmesmind.com
gum.criteo.com
ib.adnxs.com
img.scupio.com
m.addthis.com
mug.criteo.com
partnerads-test.ysm.yahoo.net
pixel-apac.rubiconproject.com
platform.twitter.com
prebid-asia.creativecdn.com
prebid.scupio.com
pubs2-asia.creativecdn.com
rec.scupio.com
s.yimg.com
s7.addthis.com
search.yahoo.com
secure-assets.rubiconproject.com
ssl.sitemaji.com
static-tagr.gd1.mookie1.com
static.criteo.net
static.doublemax.net
static.xx.fbcdn.net
sync.aralego.com
syndication.twitter.com
t.ssp.hinet.net
token.rubiconproject.com
track.sitetag.us
tw-gmtdmp.mookie1.com
v1.addthisedge.com
wherebank.com
www.facebook.com
www.google-analytics.com
z.moatads.com
ad.holmesmind.com
fcm.holmesmind.com
pubs2-asia.creativecdn.com
s7.addthis.com
103.132.192.30
104.109.78.125
104.244.42.72
13.32.99.105
13.32.99.15
13.32.99.37
172.217.18.2
178.250.7.13
185.89.210.180
185.89.210.212
192.96.203.13
2.19.224.115
2.19.35.65
203.69.60.95
203.69.60.96
203.69.60.97
203.75.214.136
23.35.237.151
2600:9000:223c:3600:0:e06c:e940:93a1
2600:9000:223c:ea00:0:e06c:e940:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3034::ac43:d48d
2a00:1288:110:c104::2000
2a00:1288:80:807::2
2a00:1450:4001:806::200a
2a00:1450:4001:829::200e
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.111.79.67
35.186.215.140
35.186.230.197
35.201.76.93
35.78.33.195
45.35.108.144
52.192.13.30
52.197.12.20
54.92.30.56
60.199.208.47
69.173.144.138
69.173.158.64
84.53.166.199
04431a827a36b70d9174180e526ed0000fee866c9688c4009da71d863d5bb73e
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0b66f713e17baf96ca2f41c0f7d4acccb1727eb3b1f27de168c0bef3e29086e3
0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6
10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b
10ddaa851ef0918fafea76edf07214df29e8842fbf9b24c82404f5500fdb797c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
165f39efd2f991bca6d093bc6a3b0d2e2b962d03a7988d20c2ec2f7bcb005dac
16be4732369bed69d2ddb41d61adf1936cf47cd5f24b986b9769af99ad5bbe83
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
1c9807752d72d30adda9a6f344afd5f83347ba4a370059e1479e3f4c4500dae8
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
26f64fe139bb8840219e301123f3b28515b4379a3b254dbcf8aeb467fe788da9
2b9253ff3ec1f7db94e43237fdf11a17e0b16783b531beec4bf88e9d42e38e2a
2d2f4f7fde4130135ad9f41d975c1a3d0c7171267b2ae7b5d6fe68af48a9fec4
2f7f1454abf044c5e851df0c6c8a88df73d655ee617261852ad258eb5ae84d9e
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
335ca9570defa53037c3f6ab4e5681999edaf666d22a93e4125ad54e48beb7f9
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3e2e0be99ae3cf2ab70482fafc85c04544783b0bbd82a797160bb7223f21825b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45eb288a7cf68b2426e52968dcf491295b7b95ec6382a753a2318bdb6f04436f
4623988312e5865044b537ccb1b3bdf21a5b48e44f255a97fccc405da4adc391
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b385d225f277642b481cce1e9fa8375fee8918464a3836de387a54562167c7e
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4f95d65331e152c29a373be4989cd457849189b06ad0ce922f07738af5755cce
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68d16955919061ddef2eb1bde9aabf790c93e5cd58e9a7dec711318d687bdce8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c452316107897cff05ea3b19caf888d804b1a0206a7d6872500c23708ad828c
71e8642e85aa88dd75824a1f2fe699393d3a74b053e1bee5781365a4a6b2030f
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a55680513a6976590517321235228b7faf47e7f408f8d7061cf39011d134407
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f
9092abebe27a40178652ecf3ceb9b1c1e25c9d3588d9584d6aa37419c022469f
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
9466725501d46e07524fe85e431b4ca745db4ffb57c756a963e8fd3291caf14c
95c1add671fbd055408f04789aabe80c5781059744ed1c15e7c9aca337090d6d
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ecd7d3caa448d2264bcd78458c3ca8e2e97c61ced0cf90a7eb2bb2d294297f
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9f71211d3378294d1c4bc41a1c1ecd741df5722acb685b74a01a9e3fd65a3845
a05b46de3d273f68923007c4b18455cf8630c035046f1f7467fa839b046af6a9
a1a19dcf2384af138c67dbe6395455c9637b9fb9ac1737681878dab0cd5ed43f
a4b64bcdeb8d12d915118f328edd41e28c00892e6c8521081ea028a33e9a4e15
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad646482f9c46e3cad35f44a02dfb1bd79e20acac867e683dd603e900c5641a1
afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b96bf3ab049efe889b4e82452bac636869ac65647beaff1e988c0d5e3acaad97
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bee64d4884c50c52cb3fa8facf0e7e5dcf2ca8da7f557235140618ab22f516d8
c69e528427c8218cb4bc5fe647db3366146403d53593a3f96482479a14eca234
c8b74257b6c6791a5ef4781054a6ba2f45e9d331b0b269a4392d931d8c2c4272
cc3b98c5b156df00a96038fdaeeae302ad2a4ef11b96661f937924633179883e
cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe
dc5b9360d4a70de29836b2d9edc30962ece8ef5d8ab9c8ea0e94f60a455ac141
df7817118aa3711c4b19c7973938945e970bc5746406270a7a7f4d7b2a5d4793
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa4e782ea40343766d7e3fb3abb3617cc2fc1cb8b3ad6804fea38e988e8cc019

wherebank.com Open in urlscan Pro 45.35.108.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

159 Requests

71 %HTTPS

30 %IPv6

27 Domains

49 Subdomains

42 IPs

8 Countries

1518 kBTransfer

3730 kBSize

24 Cookies

0 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

wherebank.com Open in urlscan Pro
45.35.108.144 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

71 %
HTTPS

30 %
IPv6

27
Domains

49
Subdomains

42
IPs

8
Countries

1518 kB
Transfer

3730 kB
Size

24
Cookies

159 HTTP transactions
5 data transactions