www.bibank.com Open in urlscan Pro
104.18.24.218  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://hhfal.org/ HTTP 301
   https://www.bibank.com/helping-hands-foundation Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

• https://6856376.fls.doubleclick.net/activityi;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463 HTTP 302
• https://6856376.fls.doubleclick.net/activityi;dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463

Request Chain 74

• https://insight.adsrvr.org/tags/ke0jjcx/h9q6rcf/iframe HTTP 301
• https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe

Request Chain 83

• https://www.vimeo.com/api/oembed.json?url=https://vimeo.com/134839839&callback=vimeoCallback HTTP 301
• https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/134839839

Request Chain 93

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329530855263318&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b7df9c%253A1710732200.0059166%26_%3D1710732200.4280934&cb=1710732200.4281225 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424305028771&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b7df9c%253A1710732200.0059166%26_%3D1710732200.4280934 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.4280934

Request Chain 95

• https://ib.adnxs.com/setuid?entity=18&code=5133329530855263318 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329530855263318

Request Chain 96

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329530855263318&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329530855263318&redir=

Request Chain 99

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0

Request Chain 102

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530855263318&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530855263318&forward=&C=1

Request Chain 108

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfezqAAAARAdSgA9 HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAAAARAdSgA9&_test=ZfezqAAAARAdSgA9

Request Chain 109

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0

Request Chain 110

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfezqAABrW4OTgAo HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAABrW4OTgAo&_test=ZfezqAABrW4OTgAo

Request Chain 111

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210830249393806&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b7df9c%253A1710732200.0059166%26_%3D1710732200.435899&cb=1710732200.4359288 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424305028771&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b7df9c%253A1710732200.0059166%26_%3D1710732200.435899 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.435899

Request Chain 113

• https://ib.adnxs.com/setuid?entity=18&code=5141210830249393806 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210830249393806

Request Chain 114

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210830249393806&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210830249393806&redir=

Request Chain 119

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210830249393806&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210830249393806&forward=&C=1

Request Chain 125

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0

Request Chain 126

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfezqAABrZcOVAAo HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAABrZcOVAAo&_test=ZfezqAABrZcOVAAo

Request Chain 127

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424305028771&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b7df9c%253A1710732200.0059166%26_%3D1710732200.5837994&cb=1710732200.5838244 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424305028771&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b7df9c%253A1710732200.0059166%26_%3D1710732200.5837994 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.5837994

Request Chain 129

• https://ib.adnxs.com/setuid?entity=18&code=5134455424305028771 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455424305028771

Request Chain 130

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455424305028771&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455424305028771&redir=

Request Chain 135

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424305028771&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424305028771&forward=&C=1

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request helping-hands-foundation Show response www.bibank.com/ Redirect Chain http://hhfal.org/ https://www.bibank.com/helping-hands-foundation	35 KB 10 KB	587ms 545ms	Document text/html	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1640099d38a779f961aaf818437dbde397f3b9a6a583fe2bbbfa0d659c64fa3 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 cache-control public, max-age=0 cf-cache-status DYNAMIC cf-ray 86621a6dd83f371a-FRA content-encoding gzip content-length 9439 content-type text/html; charset=utf-8 date Mon, 18 Mar 2024 03:23:18 GMT expires Mon, 18 Mar 2024 03:23:18 GMT server cloudflare strict-transport-security max-age=16070400 vary Accept-Encoding via varnish x-ad-insert-result success x-content-type-options nosniff x-frame-options SAMEORIGIN x-varnish 125481780 x-varnish-count 0 x-varnish-hitmiss MISS x-varnish-ttl 0.000 x-xss-protection 1; mode=block Redirect headers Connection keep-alive Content-Length 82 Content-Type text/html; charset=utf-8 Date Mon, 18 Mar 2024 03:23:17 GMT Location https://www.bibank.com/helping-hands-foundation Server ip-100-74-2-70.eu-west-2.compute.internal X-Request-Id 2f7e8c39-c045-42d9-8151-a355e5084d06
GET H2	200	hco_fonts.css fonts.bibank.com/hco_fonts/	2 KB 2 KB	391ms 124ms	Stylesheet text/css	12.162.17.202 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://fonts.bibank.com/hco_fonts/hco_fonts.css Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.162.17.202 Madison, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash ce0711bd7f3a4b5f51f693df400b273b345f4227bdb32e75b4bfd236a35091b0 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=0 date Mon, 18 Mar 2024 03:23:18 GMT last-modified Tue, 27 Mar 2018 16:38:40 GMT server Microsoft-IIS/10.0 etag "0a8aefeac5d31:0" x-powered-by ASP.NET content-type text/css accept-ranges bytes content-length 2402
GET H2	200	main.min.css www.bibank.com/assets/css/	252 KB 33 KB	565ms 565ms	Stylesheet text/css	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/css/main.min.css?v=201809100226 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 128bb31824304439993f2443015058a99bcbfa204eb856c6318f6598261b130f Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="main.min.css" content-length 33700 x-xss-protection 1; mode=block x-varnish-count 1056 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "85b4ca79a20d8abfcce01789a28882b7" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-varnish 71279517 22806576 cache-control public, max-age=14400 accept-ranges bytes cf-ray 86621a713a31371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET H2	200	helping-hands-workers.jpg www.bibank.com/assets/files/Z2GupajR/	378 KB 379 KB	574ms 574ms	Image image/jpeg	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/files/Z2GupajR/helping-hands-workers.jpg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14f008de9baa71c1c0feb4ff8c3f909f4595bb07de6a33c155d7293e1ee8dac6 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-hitmiss MISS content-disposition filename="helping-hands-workers.jpg" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 24 Oct 2023 18:58:27 GMT server cloudflare etag "c18e61e9f172febf987e7ff8e76d37b6" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg x-varnish 71279518 cache-control public, max-age=14400 cf-ray 86621a714a32371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET H2	200	helping-hands-race.jpg www.bibank.com/assets/files/iC5LsDyM/	205 KB 205 KB	576ms 576ms	Image image/jpeg	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/files/iC5LsDyM/helping-hands-race.jpg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5acf63dd6a4e980b34189058cd02bd0443dfbe27cef10ef08eb4610aa9e29433 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-hitmiss MISS content-disposition filename="helping-hands-race.jpg" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 24 Oct 2023 20:44:11 GMT server cloudflare etag "506816a72edbb1ad0ecdef7b8379a006" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg x-varnish 71538424 cache-control public, max-age=14400 cf-ray 86621a714a33371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET H2	200	helping-hands-una.jpg www.bibank.com/assets/files/E5K2F61S/	253 KB 254 KB	577ms 575ms	Image image/jpeg	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/files/E5K2F61S/helping-hands-una.jpg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51097597bfad8ddca4a10354d5dbad3ee26716a8d7c8b62805ebc4b05f52dee9 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-hitmiss MISS content-disposition filename="helping-hands-una.jpg" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 24 Oct 2023 20:45:57 GMT server cloudflare etag "b6397ea4225c9bafc7f03bd7c8d42e07" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg x-varnish 125539167 cache-control public, max-age=14400 cf-ray 86621a74dc33371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET H2	200	helping-hands-food-barn.jpg www.bibank.com/assets/files/dZhznKAo/	193 KB 193 KB	575ms 573ms	Image image/jpeg	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/files/dZhznKAo/helping-hands-food-barn.jpg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a928069b0c75c6f5f9ee02cc6e895e7962d0b4527b168facf9941c2f9374ed4 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-hitmiss MISS content-disposition filename="helping-hands-food-barn.jpg" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 24 Oct 2023 20:57:59 GMT server cloudflare etag "a8ad7a8f1d0ecbf8b32ed6674077929e" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg x-varnish 71506932 cache-control public, max-age=14400 cf-ray 86621a74dc35371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET H2	200	shelter_share_logo.png www.bibank.com/assets/content/UWgE1OaK/2017/06/13/	10 KB 10 KB	20ms 19ms	Image image/png	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/content/UWgE1OaK/2017/06/13/shelter_share_logo.png Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d91d41cfbfeb3cd265396af580a0ff3f3a1a0fcc1adfee267f042a3e201e814 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status HIT via varnish age 169453 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="shelter_share_logo.png" content-length 9775 x-xss-protection 1; mode=block x-varnish-count 2 last-modified Tue, 13 Jun 2017 21:02:08 GMT server cloudflare etag "d7c2a5b81364bfaa9c410436fcc99897" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png x-varnish 56055395 54919485 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 86621a74dc36371a-FRA expires Tue, 18 Mar 2025 03:23:19 GMT
GET H2	200	food_share_logo.png www.bibank.com/assets/content/49FudetG/2017/06/13/	11 KB 11 KB	22ms 21ms	Image image/png	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/content/49FudetG/2017/06/13/food_share_logo.png Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3270881a2989e27d39495dc9c2a206226726dc8a2491c17b3bd1ac23505bcd83 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status HIT via varnish age 169453 x-varnish-ttl 259200.000 x-varnish-hitmiss MISS content-disposition filename="food_share_logo.png" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 13 Jun 2017 21:02:08 GMT server cloudflare etag "ee59a1abcf09d9be1fa50ad2b369a39a" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png x-varnish 57767636 cache-control public, max-age=31536000 cf-ray 86621a74dc38371a-FRA expires Tue, 18 Mar 2025 03:23:19 GMT
GET H2	200	school_share_logo.png www.bibank.com/assets/content/1ZfeVwa3/2017/06/13/	10 KB 11 KB	23ms 22ms	Image image/png	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/content/1ZfeVwa3/2017/06/13/school_share_logo.png Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21e9a8ff01c0591cfd0456d05bd82b9144a6b3ec4b44867c397a7c720bfe1fa7 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status HIT via varnish age 169453 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="school_share_logo.png" content-length 10730 x-xss-protection 1; mode=block x-varnish-count 1 last-modified Tue, 13 Jun 2017 21:02:08 GMT server cloudflare etag "9604967d600122bdb708f52e3412d5ba" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png x-varnish 55464614 55452309 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 86621a74dc39371a-FRA expires Tue, 18 Mar 2025 03:23:19 GMT
GET H2	200	toy_share_logo.png www.bibank.com/assets/content/h8QJ4Uyy/2017/06/13/	9 KB 9 KB	21ms 20ms	Image image/png	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/content/h8QJ4Uyy/2017/06/13/toy_share_logo.png Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe4aaf6bce3e9fda2dddb0500b80e2b6e42a4b086710ed18c73d0136d4cc5cfd Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status HIT via varnish age 169453 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="toy_share_logo.png" content-length 9092 x-xss-protection 1; mode=block x-varnish-count 2 last-modified Tue, 13 Jun 2017 21:02:08 GMT server cloudflare etag "0a054e37a369516e3fcd56e36da08aee" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png x-varnish 58176451 56356597 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 86621a74dc3a371a-FRA expires Tue, 18 Mar 2025 03:23:19 GMT
GET H2	200	bank-independent.svg www.bibank.com/assets/img/	8 KB 2 KB	955ms 955ms	Image image/svg+xml	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/img/bank-independent.svg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ec5af6fceecab5dfc87ec8dc855a3fc4e5f5c74f4baba17d0c319cb8bb4aedb Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="bank-independent.svg" content-length 1920 x-xss-protection 1; mode=block x-varnish-count 1026 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "cd3bff879f47fa64f7d304e9692d543f" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml x-varnish 125539174 82083868 cache-control public, max-age=14400 accept-ranges bytes cf-ray 86621a74dc3b371a-FRA expires Mon, 18 Mar 2024 07:23:20 GMT
GET H2	200	jquery.min.js Show response www.bibank.com/assets/js/	86 KB 30 KB	568ms 567ms	Script application/javascript	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/js/jquery.min.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51e85114205d48b4e420f9cdbc05ec1a7abce62539ac43ef0390ab554f350498 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="jquery.min.js" content-length 30965 x-xss-protection 1; mode=block x-varnish-count 1042 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "55d445d3a4511431031c4d6f7ab1e3f5" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript x-varnish 71224187 4587540 cache-control public, max-age=14400 accept-ranges bytes cf-ray 86621a74dc37371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET H2	200	script.min.js Show response www.bibank.com/assets/js/	249 KB 68 KB	570ms 569ms	Script application/javascript	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/js/script.min.js?v=201809101000 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 446a761d58b2840c051ca8b1bf7bf2237945accc9dc9ae411688ec64ec197d60 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="script.min.js" content-length 69671 x-xss-protection 1; mode=block x-varnish-count 1048 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "204d0785471bae7ab25b8dc32dbb9603" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript x-varnish 71572443 12386311 cache-control public, max-age=14400 accept-ranges bytes cf-ray 86621a74dc3c371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET H2	200	disclaimers.js Show response www.bibank.com/assets/target/	3 KB 2 KB	18ms 18ms	Script application/javascript	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/target/disclaimers.js?bh=7b4bcc Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status HIT age 361398 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-length 1400 x-xss-protection 1; mode=block x-varnish-count 2 last-modified Thu, 07 Mar 2024 18:17:30 GMT server cloudflare etag "709b2500a5812eb0b64c6a0156896cae" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 x-varnish 9640807 3606120 cache-control public, max-age=15552000 accept-ranges bytes cf-ray 86621a74dc3d371a-FRA expires Sat, 14 Sep 2024 03:23:19 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	310 KB 105 KB	190ms 47ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5bac2c85ad70b69bbb3673ffd8cff81236bf0692fad2f641ae61a1760ac26def Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 107553 x-xss-protection 0 last-modified Mon, 18 Mar 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 18 Mar 2024 03:23:19 GMT
GET H/1.1	200 OK	134839839 Show response player.vimeo.com/video/ Frame B1F1	18 KB 10 KB	339ms 279ms	Document text/html	162.159.128.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e071d22fee7dce1511bddf881dd52da6a1bb5cc1b5f20e8068a53f48cb746413 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 86621a75dab62c5a-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 18 Mar 2024 03:23:19 GMT Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Via 1.1 varnish X-Cache MISS X-Cache-Hits 0 X-Served-By cache-fra-eddf8230036-FRA X-Timer S1710732199.354658,VS0,VE250 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp expires Fri, 15 Dec 1985 19:30:00 GMT link <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin strict-transport-security max-age=31536000; includeSubDomains; preload x-backend-server player-backend-edge-entry x-bapp-server player-backend-f4486c69f-gqlm7 x-content-type-options nosniff x-host player-backend-f4486c69f-gqlm7 x-player-backend g x-xss-protection 1; mode=block
GET H2	200	bank-independent.svg www.bibank.com/assets/img/	8 KB 2 KB	455ms 455ms	Image image/svg+xml	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/img/bank-independent.svg Requested by Host: www.bibank.com URL: https://www.bibank.com/assets/css/main.min.css?v=201809100226 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ec5af6fceecab5dfc87ec8dc855a3fc4e5f5c74f4baba17d0c319cb8bb4aedb Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/assets/css/main.min.css?v=201809100226 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="bank-independent.svg" content-length 1920 x-xss-protection 1; mode=block x-varnish-count 1025 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "cd3bff879f47fa64f7d304e9692d543f" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml x-varnish 125348226 82083868 cache-control public, max-age=14400 accept-ranges bytes cf-ray 86621a74dc47371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET DATA	200 OK	truncated /	178 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b50138f39117ee6aee422c2a2d1959ebb471d3aec40bd9d16d5569b9db117a6e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET		Gotham-Bold_Web.woff2 fonts.bibank.com/hco_fonts/woff2/	0 0
GET		Gotham-Book_Web.woff2 fonts.bibank.com/hco_fonts/woff2/	0 0
GET H2	200	Icons.woff2 www.bibank.com/assets/font/	3 KB 3 KB	458ms 456ms	Font application/octet-stream	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/font/Icons.woff2 Requested by Host: www.bibank.com URL: https://www.bibank.com/assets/css/main.min.css?v=201809100226 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe4045fab6556869fd23e169bbca3058998f8b37464f3d6b64dcca87c890e5c4 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.bibank.com/assets/css/main.min.css?v=201809100226 Origin https://www.bibank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="Icons.woff2" x-varnish-count 982 content-length 2960 x-xss-protection 1; mode=block last-modified Mon, 11 Mar 2024 17:30:13 GMT server cloudflare etag "09512a93ac2dde7557c53c56d1e617b2" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/octet-stream x-varnish 128429622 90931212 cache-control public, max-age=14400 accept-ranges bytes cf-ray 86621a74dc49371a-FRA expires Mon, 18 Mar 2024 07:23:19 GMT
GET		Gotham-Light_Web.woff2 fonts.bibank.com/hco_fonts/woff2/	0 0
GET		Gotham-Medium_Web.woff2 fonts.bibank.com/hco_fonts/woff2/	0 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	292 KB 94 KB	75ms 48ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZECZZ7WPX7&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a7da12502c3c4a9e0db64f4fd4ca222128454fa8702c3e6406ac92e9d530dd76 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96177 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 18 Mar 2024 03:23:19 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	205 KB 75 KB	70ms 43ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-984311135&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 026f516749ee834cd3bbec217b877a2d36be3bc08d9ebb9810930c7dc430c144 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76420 x-xss-protection 0 last-modified Mon, 18 Mar 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 18 Mar 2024 03:23:19 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	126ms 35ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 18 Mar 2024 01:38:42 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 6277 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 18 Mar 2024 03:38:42 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	216 KB 58 KB	49ms 7ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 18 Mar 2024 03:23:19 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57659 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug wUFFhIytOLh3IjEdtlFdA3J2MlnW0bgJpDx8fHEYsfRbD+3y12SSZYVVg9EDiL0raPP0OOe1LbLAKqDIDB4j6A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1 Show response api.alpharank.io/api/pixel/script/	497 B 850 B	585ms 177ms	Script text/javascript	52.88.183.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.alpharank.io/api/pixel/script/51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-183-153.us-west-2.compute.amazonaws.com Software nginx/1.12.2 / Express Resource Hash 02f12351cfc8bffe901d5b0fdacc9e2474dbd9f3878ae3e4e44b037eaa15ca48 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:19 GMT Server nginx/1.12.2 X-Powered-By Express ETag W/"1f1-d34FnaSbejjQRGhtJFGjKzDyLRw" Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin undefined Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 497
GET H2	200	377014.js Show response js.hs-analytics.net/analytics/1710732300000/	66 KB 21 KB	188ms 146ms	Script text/javascript	2606:4700::6810:4dba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1710732300000/377014.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86eb8c7b6882b774681b123dc0574e8ebc229cc92e2a802d7e4ea4c76bd292b9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id Z97EX8WWCMR7Y37E x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 8b4e68da-ca90-4387-8330-d7b30fc80ec3 x-envoy-upstream-service-time 29 x-amz-id-2 lwTl/ETxBWjQcRkGQCBwD/Lujc/L7J4ZLA1lkI1e5HFOaucO3la8ofZra2B+giXAdxFVDYOdyN+mbFKSh8Lb1o3M6HOoQcxW7BIaEBviRvk= x-evy-trace-listener listener_https x-request-id 8b4e68da-ca90-4387-8330-d7b30fc80ec3 x-evy-trace-route-configuration listener_https/all last-modified Tue, 27 Feb 2024 15:23:16 GMT server cloudflare etag W/"c12e508000d0338d59fa70675f3a7f30" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-hgmm2 cache-control max-age=300,public access-control-allow-credentials false cf-ray 86621a7718f3922c-FRA expires Mon, 18 Mar 2024 03:28:19 GMT
GET H2	200	Bank_Independent.js Show response tag.brandcdn.com/autoscript/bankindependent_vgtsqmvfnvvvvda9/	1 KB 1 KB	103ms 8ms	Script text/javascript	2600:9000:225e:5800:7:e536:8b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.brandcdn.com/autoscript/bankindependent_vgtsqmvfnvvvvda9/Bank_Independent.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:5800:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0044c4ac4a9af27c4a87e225e8a2b32e4c45167a2b669e9657379261f182c917 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id MEUNkfJLx8hxebRtPqeOgEsFGxa4lbAU date Sun, 17 Mar 2024 04:19:39 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) last-modified Thu, 04 Jan 2024 16:04:49 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 83021 x-amz-server-side-encryption AES256 etag "3b5c4e1644df1035fc0d5c7f5f30e6da" x-cache Hit from cloudfront content-type text/javascript x-amz-replication-status COMPLETED accept-ranges bytes content-length 1092 x-amz-cf-id taA3W567YGQUHJnm1xMUrPRyEdrL8k6atHlKbcXgOs6E0ddvg5vw_Q==
GET H/1.1	200 OK	piwik.js Show response analytics.loanspq.com/	57 KB 20 KB	675ms 327ms	Script application/x-javascript	168.61.6.168 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://analytics.loanspq.com/piwik.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.61.6.168 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software envoy / Resource Hash 714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip last-modified Mon, 14 Nov 2016 23:08:00 GMT server envoy etag "0489cf1cb3ed21:0" vary Accept-Encoding content-type application/x-javascript accept-ranges bytes content-length 20017
GET H2	200	siteanalyze_79671.js Show response siteimproveanalytics.com/js/	28 KB 10 KB	57ms 15ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteimproveanalytics.com/js/siteanalyze_79671.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44e1d1e5a6abf2fbc3741e1e6a2304029d4eaaab5108770422f2b0f6b1016b31 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 6H2B4BSKZWMTZ255 age 5386 alt-svc h3=":443"; ma=86400 content-length 9560 x-amz-id-2 YaWtN7QhX+2k1ypqye8XBoeNHhJc99RwubuxZKTrukPyOFl/i39uQLd53pyEtBDCCYkOaOO9dgY= last-modified Wed, 14 Feb 2024 17:03:50 GMT server cloudflare etag "aab2bac426a90a6864ec618303a7cd2a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFjJF2V7YdWehDL%2BAJUPTvasPytN36zmr21%2B40qYUeUQ9e0IQF4HSwhYF4jPeTZL7fs7A3gTU1P06frcafU%2BiIwWjWw0nv8LBq%2FN3UJVJRWUBgxVuPzZLR1jvYVB2RfAjO17Ke9OD2bGWp8LkDVHEAmvqFbSt7A%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=86400, no-transform accept-ranges bytes cf-ray 86621a7718811db1-FRA
GET H2	200	367986023874680 Show response connect.facebook.net/signals/config/	50 KB 11 KB	65ms 58ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/367986023874680?v=2.9.150&r=stable&domain=www.bibank.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9d1510568fa02b930ac52a0ad62cde83ee029051fb9e740cd038241335a03f03 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 18 Mar 2024 03:23:19 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=9, rtx=0, c=62, mss=1326, tbw=62789, tp=-1, tpl=-1, uplat=52, ullat=0 pragma public x-fb-debug Og2ckPTyG2dDAokLeIzkLFgJLxxYcYSiVtcuoQ4RZubn6uliVrFwOLRbV1Ry7K/hRuGg7V72tSkfW4vaw70ORQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 254 B	51ms 21ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-ZECZZ7WPX7&gtm=45je43d0v880934268z878288638za200&_p=1710732199166&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1923545953.1710732200&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710732199&sct=1&seg=0&dl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&dt=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1726 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZECZZ7WPX7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:19 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 245 B	75ms 20ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZECZZ7WPX7&cid=1923545953.1710732200&gtm=45je43d0v880934268z878288638za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZECZZ7WPX7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:19 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	128ms 49ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZECZZ7WPX7&cid=1923545953.1710732200&gtm=45je43d0v880934268z878288638za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=2056285419 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	player.module.js Show response f.vimeocdn.com/p/4.28.19/js/ Frame B1F1	576 KB 139 KB	59ms 6ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/js/player.module.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 11c774d490b4387dfaa0cf966b8bdcb71933784072e2ffd879b13c0ebdeeaacf Request headers Referer https://player.vimeo.com/ Origin https://player.vimeo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kjyo7100029-IAD, cache-fra-eddf8230130-FRA date Mon, 18 Mar 2024 03:23:19 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 214310 x-timer S1710732200.681427,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 141805 x-cache-hits 1, 66909
GET H2	200	vendor.module.js Show response f.vimeocdn.com/p/4.28.19/js/ Frame B1F1	418 KB 100 KB	71ms 18ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c1621a2bc759edda87d72a1a929432897cead8f4b080120d242a432f1c410ffa Request headers Referer https://player.vimeo.com/ Origin https://player.vimeo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kiad7000079-IAD, cache-fra-eddf8230130-FRA date Mon, 18 Mar 2024 03:23:19 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 300709 x-timer S1710732200.681537,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 102420 x-cache-hits 23, 108444
GET H2	200	player.css f.vimeocdn.com/p/4.28.19/css/ Frame B1F1	209 KB 22 KB	59ms 6ms	Stylesheet text/css	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1ce3d65c557d94ad5dccc7ea1faeedea3034fea95599e93a016ac54a7e891566 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kjyo7100093-IAD, cache-fra-eddf8230030-FRA date Mon, 18 Mar 2024 03:23:19 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 300710 x-timer S1710732200.681465,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 22133 x-cache-hits 9, 108245
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame B1F1	1 KB 1 KB	53ms 7ms	Image image/avif	151.101.192.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.192.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5ae08c137a5838eead0696287a28c71d15209c5165866521c2ab4340fd3abb27 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1584924 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 1139 x-served-by cache-dfw-kdfw8210028-DFW, cache-fra-eddf8230115-FRA x-timer S1710732200.681601,VS0,VE1 etag "579e887a5abda8ef496a71aa2a6d4d20" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 21, 1
GET H2	200	/ www.facebook.com/tr/	0 273 B	37ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=367986023874680&ev=PageView&dl=https%3A%2F%2Fwww.bibank.com&rl=&if=false&ts=1710732199647&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4124&fbp=fb.1.1710732199646.896316647&pm=1&hrl=10e8f3&ler=empty&cdl=API_unavailable&it=1710732199565&coo=false&cs_cc=1&cas=6110418262343502%2C2474861135928959&rqm=GET Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2808, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Mon, 18 Mar 2024 03:23:19 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 208 B	44ms 44ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1028760657&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&ul=en-us&de=UTF-8&dt=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1440033654&gjid=1854712167&cid=1923545953.1710732200&tid=UA-24666000-1&_gid=859772643.1710732200&_slc=1&gtm=45He43d0n81NXP8N22v78288638za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1707809689 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bibank.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	43ms 21ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-24666000-1&cid=1923545953.1710732200&jid=1440033654&gjid=1854712167&_gid=859772643.1710732200&npa=1&_u=YCDAiEABBAAAAGAAI~&z=378662747 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bibank.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 18 Mar 2024 03:23:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	126ms 46ms	Image image/gif	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24666000-1&cid=1923545953.1710732200&jid=1440033654&npa=1&_u=YCDAiEABBAAAAGAAI~&z=215968745 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	47ms 45ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24666000-1&cid=1923545953.1710732200&jid=1440033654&npa=1&_u=YCDAiEABBAAAAGAAI~&z=215968745 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame B1F1	2 KB 1 KB	20ms 6ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kiad7000106-IAD, cache-fra-eddf8230030-FRA date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 2327812 x-timer S1710732200.745350,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 985 x-cache-hits 1, 548182
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame B1F1	4 KB 2 KB	132ms 50ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Mar 2024 03:23:19 GMT
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame B1F1	23 KB 24 KB	14ms 10ms	Image image/avif	151.101.192.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=1200&mh=684 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.192.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 563bdf145c21eeace296d84a003ccd63957a2e85f6cc4fd6092a688f2f1708a4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1578535 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 24035 x-served-by cache-dfw-kdal2120056-DFW, cache-fra-eddf8230115-FRA x-timer S1710732200.762075,VS0,VE2 etag "59a5550a42b27aea81c31774eb0a98be" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 13, 1
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame B1F1	0 142 B	174ms 126ms	Ping text/plain	34.120.202.204 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0075b7f404dd526280e54ddba11691184fc30bb81710732199 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Mon, 18 Mar 2024 03:23:19 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST		vuid vimeo.com/ablincoln/ Frame B1F1	0 0
GET		kernel.js kernel-serve.banno.com/	0 0
GET H/1.1	200 OK	134839839 Show response player.vimeo.com/video/ Frame B1F1	18 KB 9 KB	235ms 235ms	Document text/html	162.159.128.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ab31cd4ed3ef38b7ea1af3f3b1715ac85fa352bc20dfbcdc38f9a54d3eae377 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 86621a78bc012c5a-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 18 Mar 2024 03:23:20 GMT Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Via 1.1 varnish X-Cache MISS X-Cache-Hits 0 X-Served-By cache-fra-eddf8230036-FRA X-Timer S1710732200.808749,VS0,VE200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp expires Fri, 15 Dec 1985 19:30:00 GMT link <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin strict-transport-security max-age=31536000; includeSubDomains; preload x-backend-server player-backend-edge-entry x-bapp-server player-backend-f4486c69f-khmn9 x-content-type-options nosniff x-host player-backend-f4486c69f-khmn9 x-player-backend g x-xss-protection 1; mode=block
GET H2	200	activityi;dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463 Show response 6856376.fls.doubleclick.net/ Frame 51E8 Redirect Chain https://6856376.fls.doubleclick.net/activityi;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463? https://6856376.fls.doubleclick.net/activityi;dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463?	2 KB 1 KB	72ms 41ms	Document text/html	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6856376.fls.doubleclick.net/activityi;dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash 0a4f1261d03ae6d0ecf949b1b41568451d48b11dfab91122ab7f91d0c918fa37 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 923 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 03:23:20 GMT expires Mon, 18 Mar 2024 03:23:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 03:23:19 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://6856376.fls.doubleclick.net/activityi;dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	activity;xsp=4360657;ord=1;num=9288577610737.31 pubads.g.doubleclick.net/	42 B 440 B	183ms 71ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pubads.g.doubleclick.net/activity;xsp=4360657;ord=1;num=9288577610737.31? Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	t.js vidassets.terminus.services/be63dc52-477a-4595-bb5d-c9d27622fdc4/	0 0	87ms 35ms	Script application/json	18.66.192.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vidassets.terminus.services/be63dc52-477a-4595-bb5d-c9d27622fdc4/t.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-127.muc50.r.cloudfront.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET		Gotham-Bold_Web.woff fonts.bibank.com/hco_fonts/woff/	0 0
GET		Gotham-Light_Web.woff fonts.bibank.com/hco_fonts/woff/	0 0
GET		Gotham-Book_Web.woff fonts.bibank.com/hco_fonts/woff/	0 0
GET		Gotham-Medium_Web.woff fonts.bibank.com/hco_fonts/woff/	0 0
GET		image.aspx {account_id}.global.siteimproveanalytics.io/	0 0
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame B1F1	23 KB 24 KB	7ms 6ms	Image image/avif	151.101.192.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=1200&mh=684 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.192.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 563bdf145c21eeace296d84a003ccd63957a2e85f6cc4fd6092a688f2f1708a4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1578535 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 24035 x-served-by cache-dfw-kdal2120056-DFW, cache-fra-eddf8230115-FRA x-timer S1710732200.849769,VS0,VE0 etag "59a5550a42b27aea81c31774eb0a98be" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 13, 2
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame B1F1	1 KB 1 KB	7ms 6ms	Image image/avif	151.101.192.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=80&q=85 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.192.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5ae08c137a5838eead0696287a28c71d15209c5165866521c2ab4340fd3abb27 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1584924 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 1139 x-served-by cache-dfw-kdfw8210028-DFW, cache-fra-eddf8230115-FRA x-timer S1710732200.863437,VS0,VE0 etag "579e887a5abda8ef496a71aa2a6d4d20" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 21, 2
GET H2	200	sync Show response live.rezync.com/	2 KB 3 KB	218ms 156ms	Script text/javascript	13.32.27.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=84704d8985b4a5887edb9b17bbc8a8f6&k=bank-independent-pixel-6605&zmpID=bank-independent&cache_buster=1710732199870 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-83.fra56.r.cloudfront.net Software lighttpd/1.4.69 / Resource Hash 42518698b3efe9596d1dfe94c2e41160c877cb31a0a181f48abba420c86c338a Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/javascript accept-ranges bytes content-length 2215 x-amz-cf-id sTwjlh9aO8KtCacuopSOAKl4C3JQT1vDe3CJ3Iwg17ABNV6DOHnjGQ==
GET H2	200	disclaimer Show response www.bibank.com/_/api/	3 KB 1 KB	128ms 127ms	XHR application/json	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/_/api/disclaimer Requested by Host: www.bibank.com URL: https://www.bibank.com/assets/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26d4066de6c70db592d7c9bef05d49cb17504b6eb0c8ee312b82a03ab1abebd0 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://www.bibank.com/helping-hands-foundation X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json Response headers date Mon, 18 Mar 2024 03:23:20 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status DYNAMIC age 0 x-varnish-ttl 0.000 x-varnish-hitmiss MISS x-varnish-count 0 content-length 964 x-xss-protection 1; mode=block server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 x-varnish 69711092 cache-control public, max-age=0 accept-ranges bytes cf-ray 86621a794f38371a-FRA expires Mon, 18 Mar 2024 03:23:19 GMT
GET H2	200	cast_framework.js Show response www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame B1F1	35 KB 12 KB	104ms 96ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12197 x-xss-protection 0 last-modified Mon, 14 Nov 2022 23:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="chrome-dongle" vary Accept-Encoding report-to {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]} content-type text/javascript cache-control private, max-age=0 accept-ranges bytes expires Mon, 18 Mar 2024 03:23:19 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/122/ Frame B1F1	50 KB 15 KB	97ms 89ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/122/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 21:33:54 GMT content-encoding gzip x-content-type-options nosniff age 20965 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14711 x-xss-protection 0 last-modified Mon, 15 Jan 2024 16:03:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Mon, 18 Mar 2024 21:33:54 GMT
GET H2	200	player.module.js Show response f.vimeocdn.com/p/4.28.19/js/ Frame B1F1	576 KB 139 KB	9ms 8ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/js/player.module.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 11c774d490b4387dfaa0cf966b8bdcb71933784072e2ffd879b13c0ebdeeaacf Request headers Referer https://player.vimeo.com/ Origin https://player.vimeo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kjyo7100029-IAD, cache-fra-eddf8230130-FRA date Mon, 18 Mar 2024 03:23:20 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 214310 x-timer S1710732200.039033,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 141805 x-cache-hits 1, 66911
GET H2	200	vendor.module.js Show response f.vimeocdn.com/p/4.28.19/js/ Frame B1F1	418 KB 100 KB	9ms 8ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c1621a2bc759edda87d72a1a929432897cead8f4b080120d242a432f1c410ffa Request headers Referer https://player.vimeo.com/ Origin https://player.vimeo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kiad7000079-IAD, cache-fra-eddf8230130-FRA date Mon, 18 Mar 2024 03:23:20 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 300709 x-timer S1710732200.039024,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 102420 x-cache-hits 23, 108446
GET H2	200	player.css f.vimeocdn.com/p/4.28.19/css/ Frame B1F1	209 KB 22 KB	7ms 6ms	Stylesheet text/css	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1ce3d65c557d94ad5dccc7ea1faeedea3034fea95599e93a016ac54a7e891566 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kjyo7100093-IAD, cache-fra-eddf8230030-FRA date Mon, 18 Mar 2024 03:23:20 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 300710 x-timer S1710732200.038849,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 22133 x-cache-hits 9, 108246
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame B1F1	1 KB 1 KB	7ms 7ms	Image image/avif	151.101.192.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.192.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5ae08c137a5838eead0696287a28c71d15209c5165866521c2ab4340fd3abb27 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1584924 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 1139 x-served-by cache-dfw-kdfw8210028-DFW, cache-fra-eddf8230115-FRA x-timer S1710732200.038849,VS0,VE0 etag "579e887a5abda8ef496a71aa2a6d4d20" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 21, 3
GET H2	200	dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463 adservice.google.com/ddm/fls/z/ Frame 51E8	42 B 401 B	170ms 71ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463 Requested by Host: 6856376.fls.doubleclick.net URL: https://6856376.fls.doubleclick.net/activityi;dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6856376.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDY4NTYzNzYKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2JpYmFuay5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTog... ad.doubleclick.net/ddm/activity/ Frame 51E8	0 2 KB	169ms 76ms	Image image/png	216.58.206.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDY4NTYzNzYKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2JpYmFuay5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTogOTg5Mjg5NDk3ODcyNjIzODk1MgpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDEKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2OTY3NjQ5CiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAzLTE4IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiA1ODk3ODk5MDUyNDUxNTg2NTc5CmdhaWFfbW9kZTogZmFsc2UK Requested by Host: 6856376.fls.doubleclick.net URL: https://6856376.fls.doubleclick.net/activityi;dc_pre=CPDb1Iju_IQDFQ90QQId8ScH3g;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2879633942335.9463? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6856376.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"5897899052451586579"}],"aggregatable_trigger_data":[{"filters":{"14":["6967649"]},"key_piece":"0x554f20bb7a4cc33d","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xbf91c7c078fe6c04","not_filters":{"14":["6967649"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6967649"]},"key_piece":"0x882a6d4a98ed378","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x6560e8a1e55cecda","not_filters":{"14":["6967649"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"9892894978726238952","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5897899052451586579","filters":{"14":["6967649"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"5897899052451586579","filters":{"14":["6967649"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"5897899052451586579","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"5897899052451586579","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["6856376"]}} x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1 Show response api.alpharank.io/api/pixel/script/	45 KB 45 KB	356ms 356ms	Script text/javascript	52.88.183.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.alpharank.io/api/pixel/script/51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1?c=n&t=1710806400000 Requested by Host: api.alpharank.io URL: https://api.alpharank.io/api/pixel/script/51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-183-153.us-west-2.compute.amazonaws.com Software nginx/1.12.2 / Express Resource Hash 4a25be1f0513a03c0595d7adc16dbd4402afaa9f00fdcb2564b53613eba2ad8b Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:20 GMT Server nginx/1.12.2 X-Powered-By Express ETag W/"b34c-5l4RE/4mt4MMmx9MJ5iDiT4UXqA" Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin undefined Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 45900
GET H2	200	cv_pixel.js Show response adservices.brandcdn.com/pixel/	2 KB 1 KB	485ms 152ms	Script text/javascript	52.53.137.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adservices.brandcdn.com/pixel/cv_pixel.js Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/bankindependent_vgtsqmvfnvvvvda9/Bank_Independent.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.53.137.250 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-53-137-250.us-west-1.compute.amazonaws.com Software Apache/2.4.52 (Ubuntu) / Resource Hash bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT content-encoding gzip last-modified Fri, 21 Apr 2023 11:03:33 GMT server Apache/2.4.52 (Ubuntu) etag "613-5f9d69bae4944-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 745
GET H/1.1	200 OK	iframe Show response d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/ Frame D39F Redirect Chain https://insight.adsrvr.org/tags/ke0jjcx/h9q6rcf/iframe https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe	138 B 667 B	55ms 8ms	Document text/html	18.66.123.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/bankindependent_vgtsqmvfnvvvvda9/Bank_Independent.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.123.144 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-123-144.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 438b77ca272c8c6fc09071089337aca9faa5c2207d6270a152b19b9203da970f Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Age 7843 Cache-Control max-age=86400 Connection keep-alive Content-Length 138 Content-Type text/html Date Mon, 18 Mar 2024 01:53:35 GMT ETag "5257b44c434fed89cc9656025794a550" Last-Modified Wed, 22 Jun 2022 17:57:30 GMT Server AmazonS3 Via 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront) X-Amz-Cf-Id 6dHWxXdCmX3oY6N0YzzI6j94MriU8wj_VstBCfZpcz4CzZc-iK7S0Q== X-Amz-Cf-Pop FRA60-P2 X-Cache Hit from cloudfront x-amz-server-side-encryption AES256 Redirect headers content-length 0 date Mon, 18 Mar 2024 03:23:20 GMT location https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe
GET H2	200	/ insight.adsrvr.org/track/conv/	70 B 148 B	102ms 30ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/conv/?adv=ke0jjcx&ct=0:bhs1alf&fmt=3 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	/ insight.adsrvr.org/track/evnt/	70 B 148 B	103ms 31ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/evnt/?adv=ke0jjcx&ct=0:h9q6rcf&fmt=3 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	tc.min.js Show response c1.rfihub.net/js/	19 KB 6 KB	75ms 14ms	Script application/x-javascript	2600:9000:225b:2200:1:76cf:fe80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.rfihub.net/js/tc.min.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:2200:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 02:49:05 GMT content-encoding gzip via 1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront) last-modified Mon, 18 Mar 2024 02:48:55 GMT server Jetty(9.4.51.v20230217) x-amz-cf-pop MUC50-P1 age 2055 x-cache Hit from cloudfront content-type application/x-javascript p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control public, max-age=3600 content-length 6162 x-amz-cf-id o5PoHI9aAPj-eOPubKTu2sGSLowNsl4B2qM1V5azDoFGS-XtXtc94w== expires Mon, 18 Mar 2024 03:49:05 GMT
GET H/1.1	200 OK	p13n.min.js Show response cdn.boomtrain.com/p13n/bank-independent/	92 KB 30 KB	488ms 437ms	Script application/javascript	108.138.36.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.boomtrain.com/p13n/bank-independent/p13n.min.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.36.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-42.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash efd668ae087fde9947b834d8b8ea31d6c7a2b2cd676d9104a36a6c352d2bc05f Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id kDHViL545YgJxG_KhlFxDeDgwo7g.mLX Content-Encoding gzip Via 1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront) Date Mon, 18 Mar 2024 03:23:21 GMT X-Amz-Cf-Pop MUC50-P2 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache RefreshHit from cloudfront Connection keep-alive Last-Modified Sun, 17 Mar 2024 00:46:21 GMT Server AmazonS3 ETag W/"fc20e23ab0d1ce0aec6497aad64621ca" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=3600 X-Amz-Cf-Id dnhaWGoO8qmkfHCf0DQo2xdGl6i1xlNtCmIiCuBq-5sIe1g_YIcaBg==
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame B1F1	2 KB 1 KB	6ms 6ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kiad7000106-IAD, cache-fra-eddf8230030-FRA date Mon, 18 Mar 2024 03:23:20 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 2327813 x-timer S1710732200.130596,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 985 x-cache-hits 1, 548183
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame B1F1	23 KB 24 KB	7ms 7ms	Image image/avif	151.101.192.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=1200&mh=684 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/player.module.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.192.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 563bdf145c21eeace296d84a003ccd63957a2e85f6cc4fd6092a688f2f1708a4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1578535 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 24035 x-served-by cache-dfw-kdal2120056-DFW, cache-fra-eddf8230115-FRA x-timer S1710732200.132254,VS0,VE0 etag "59a5550a42b27aea81c31774eb0a98be" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 13, 3
GET H3	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame B1F1	4 KB 2 KB	45ms 45ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Mar 2024 03:23:20 GMT
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame B1F1	0 40 B	116ms 115ms	Ping text/plain	34.120.202.204 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0075b7f404dd526280e54ddba11691184fc30bb81710732199 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	oembed.json Show response vimeo.com/api/ Redirect Chain https://www.vimeo.com/api/oembed.json?url=https://vimeo.com/134839839&callback=vimeoCallback https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/134839839	1 KB 2 KB	213ms 213ms	Script application/javascript	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/134839839 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 808acbf7070e9c81cc9736e754cfe7e8df585fbeb82e136c2fd89ed61f68dc79 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-varnish-cache 0 Date Mon, 18 Mar 2024 03:23:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff CF-Cache-Status DYNAMIC content-encoding gzip age 0 content-security-policy-report-only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp X-Cache MISS, MISS via 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish Connection keep-alive x-vserver web-varnish-prod-varnish-12 Content-Length 593 x-xss-protection 1; mode=block x-ua-compatible IE=edge X-Served-By cache-iad-kcgs7200175-IAD, cache-fra-eddf8230028-FRA last-modified Fri, 15 Mar 2024 06:44:02 GMT Server cloudflare X-Timer S1710732200.358782,VS0,VE194 etag W/"4afa0c19438baecd9044403b9c108a47ab93dfcc-gzip" x-backend-proxy webproxy13 x-frame-options sameorigin Vary Accept-Encoding,x-http-method-override Content-Type application/javascript access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server pweb-595795d679-s645f accept-ranges bytes CF-RAY 86621a7c2ba51db3-FRA access-control-allow-headers X-Requested-With X-Cache-Hits 0, 0 Redirect headers x-varnish-cache 0 Date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish CF-Cache-Status DYNAMIC age 0 Transfer-Encoding chunked X-Cache MISS, MISS Connection keep-alive x-vserver web-varnish-prod-varnish-7 X-Served-By cache-iad-kcgs7200144-IAD, cache-fra-eddf8230115-FRA Server cloudflare X-Timer S1710732200.224430,VS0,VE104 x-backend-proxy webproxy8 Vary x-http-method-override Content-Type text/html; charset=iso-8859-1 Location https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/134839839 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server Accept-Ranges bytes CF-RAY 86621a7b48519978-FRA X-Cache-Hits 0, 0
GET H/1.1	200 OK	ca.html Show response 20848799p.rfihub.com/ Frame B12B	5 KB 5 KB	164ms 23ms	Document text/html	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20848799p.rfihub.com/ca.html?ver=9&rb=49565&ca=20848799&_o=49565&_t=20848799&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&pe=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&pf=&ra=48890745964335736 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash d56eedf591e30865bc6f2a3378f4a09f510032fb70ca44871b73d56297362300 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 4826 Content-Type text/html;charset=utf-8 Date Mon, 18 Mar 2024 03:23:20 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H/1.1	200 OK	ca.html Show response 20848799p.rfihub.com/ Frame 9640	5 KB 5 KB	160ms 23ms	Document text/html	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20848799p.rfihub.com/ca.html?ver=9&rb=49565&ca=20848799&_o=49565&_t=20848799&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&pe=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&pf=&ra=9764685729459717 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash e72237df8a2e5237e60dc37c2752cbbc51a1c1621cb12634fae3e644be088df6 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 4826 Content-Type text/html;charset=utf-8 Date Mon, 18 Mar 2024 03:23:20 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H/1.1	200 OK	ca.html Show response 20848799p.rfihub.com/ Frame 10D5	5 KB 5 KB	157ms 21ms	Document text/html	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20848799p.rfihub.com/ca.html?ver=9&rb=49565&ca=20848799&_o=49565&_t=20848799&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&pe=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&pf=&ra=7108749380194443 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 37f65250fbd310ee722a65609bd92b4df760854f109ce06a4b4a6bd82a58b4b7 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 4826 Content-Type text/html;charset=utf-8 Date Mon, 18 Mar 2024 03:23:20 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H/1.1	200 OK	piwik.php analytics.loanspq.com/	43 B 159 B	456ms 456ms	Image image/gif	168.61.6.168 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.loanspq.com/piwik.php?action_name=www.bibank.com%2FHelping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&idsite=212&rec=1&r=215636&h=4&m=23&s=20&url=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&_id=6db53edb6526f537&_idts=1710732200&_idvc=1&_idn=0&_refts=0&_viewts=1710732200&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=546 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.61.6.168 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software envoy / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT server envoy content-length 43 content-type image/gif
GET H3	200	cast_framework.js Show response www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame B1F1	35 KB 12 KB	62ms 55ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12197 x-xss-protection 0 last-modified Mon, 14 Nov 2022 23:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="chrome-dongle" vary Accept-Encoding report-to {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]} content-type text/javascript cache-control private, max-age=0 accept-ranges bytes expires Mon, 18 Mar 2024 03:23:20 GMT
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/122/ Frame B1F1	50 KB 14 KB	44ms 37ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/122/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 21:33:54 GMT content-encoding gzip x-content-type-options nosniff age 20966 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14711 x-xss-protection 0 last-modified Mon, 15 Jan 2024 16:03:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Mon, 18 Mar 2024 21:33:54 GMT
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame B1F1	23 KB 24 KB	7ms 7ms	Image image/avif	151.101.192.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=1200&mh=684 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.192.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 563bdf145c21eeace296d84a003ccd63957a2e85f6cc4fd6092a688f2f1708a4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1578535 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 24035 x-served-by cache-dfw-kdal2120056-DFW, cache-fra-eddf8230115-FRA x-timer S1710732200.234049,VS0,VE0 etag "59a5550a42b27aea81c31774eb0a98be" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 13, 4
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame B1F1	1 KB 1 KB	8ms 4ms	Image image/avif	151.101.192.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=80&q=85 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.192.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5ae08c137a5838eead0696287a28c71d15209c5165866521c2ab4340fd3abb27 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1584925 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 1139 x-served-by cache-dfw-kdfw8210028-DFW, cache-fra-eddf8230115-FRA x-timer S1710732200.242963,VS0,VE0 etag "579e887a5abda8ef496a71aa2a6d4d20" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 21, 4
GET H2	200	/ insight.adsrvr.org/track/pxl/ Frame D39F	70 B 148 B	31ms 31ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=ke0jjcx&ct=0:h9q6rcf&fmt=3 Requested by Host: d1eoo1tco6rr5e.cloudfront.net URL: https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://d1eoo1tco6rr5e.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT server Kestrel content-length 70 content-type image/gif
GET H2	451	501709.gif idsync.rlcdn.com/ Frame 10D5 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329530855263318&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424305028771&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a3... https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.4280934	0 42 B	23ms 21ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.4280934 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.4280934 content-length 447 x-amz-cf-id J68ucDTnmzA3ppjxkQKlQG4WClFhsYHz0VZneiKBsRzZICOHKYx93g==
GET H2	200	pixel cm.g.doubleclick.net/ Frame 10D5	170 B 409 B	129ms 45ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUzMDg1NTI2MzMxOA==&forward= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 10D5 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5133329530855263318 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329530855263318	43 B 1 KB	8ms 8ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329530855263318 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT an-x-request-uuid f78fbda3-e289-49ed-8bc4-b6eaf9c37582 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT an-x-request-uuid ae8ebce8-772a-4230-a72d-e15bb02de532 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329530855263318 cache-control no-store, no-cache, private x-proxy-origin 185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame 10D5 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329530855263318&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329530855263318&redir=	42 B 716 B	32ms 31ms	Image image/gif	52.215.99.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329530855263318&redir= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 52.215.99.44 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-99-44.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v058-061dbf0bc.edge-irl1.demdex.com 2 ms pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid 2kg4/4uYRXQ= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-1-v058-03ee5dfe4.edge-irl1.demdex.com 0 ms pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid 9lB6U87USso= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329530855263318&redir= cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 10D5	0 74 B	62ms 14ms	Image text/html	198.47.127.205 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5133329530855263318&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Mon, 18 Mar 2024 03:23:20 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 10D5	43 B 264 B	55ms 19ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329530855263318&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 10D5 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0	0 344 B	40ms 8ms	Image text/plain	3.127.178.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-178-105.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:20 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0 Date Mon, 18 Mar 2024 03:23:20 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame 10D5	57 B 643 B	169ms 64ms	Image image/gif	184.30.20.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329530855263318 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-20-22.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Mon, 18 Mar 2024 03:23:20 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store alt-svc h3=":443"; ma=93600 content-length 57 x-mnet-hl2 E expires Mon, 18 Mar 2024 03:23:20 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 10D5	43 B 108 B	409ms 145ms	Image image/gif	3.222.105.150 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5133329530855263318 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.105.150 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-105-150.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 10D5 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530855263318&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530855263318&forward=&C=1	43 B 376 B	26ms 26ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530855263318&forward=&C=1 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3lYwfI6UAH7wv%2BzXeWB4dXGnpFx7M179Z3q3cKLqIt4ihO%2Bd63EUIfUnNJ5de2NeVSUWVz9BQhbj3bPBaI2vI7U4cQ1K96FORlyyns18MeTf4iJhn%2BIksXmYgEBB6EvLHDxmSPnRF0CxAw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 86621a7c7e4e972c-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZL7v2qVsV3FAFyk2%2BnuVbhDpwchWN8PIKq35sELCuClRbuviKQUXHBWE6xkw1SQGmr%2BZqpERRpEAdoneeHE5BT13kSoScPQkIIZxubAsoG0hW8XURgMCC2Nzc1QtGw7v%2BYnsLCDBHcYSLA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5133329530855263318&forward=&C=1 cache-control no-cache cf-ray 86621a7c5e36972c-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame 10D5	0 98 B	68ms 21ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5133329530855263318 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 10D5	43 B 182 B	282ms 174ms	Image image/gif	2.19.104.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329530855263318 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.104.189 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-104-189.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Mon, 18 Mar 2024 03:23:20 GMT pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif
GET H2	200	sync partners.tremorhub.com/ Frame 10D5	43 B 174 B	327ms 100ms	Image image/gif	2600:1f18:612b:4200:9755:b35:de0b:b4bf AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5133329530855263318&r=YmAAN_MfU-9- Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9755:b35:de0b:b4bf Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Mon, 18 Mar 2024 03:23:20 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 10D5	43 B 376 B	126ms 37ms	Image image/gif	34.254.7.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329530855263318 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.254.7.184 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-7-184.eu-west-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame 10D5	43 B 235 B	94ms 17ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329530855263318&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:20 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 10D5 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfezqAAAARAdSgA9 https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAAAARAdSgA9&_test=ZfezqAAAARAdSgA9	42 B 1 KB	15ms 15ms	Image image/gif	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAAAARAdSgA9&_test=ZfezqAAAARAdSgA9 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/gif Date Mon, 18 Mar 2024 03:23:20 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230109-FRA pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 varnish server Varnish x-timer S1710732201.610606,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAAAARAdSgA9&_test=ZfezqAAAARAdSgA9 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 9640 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0	0 344 B	34ms 7ms	Image text/plain	3.127.178.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-178-105.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:20 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0 Date Mon, 18 Mar 2024 03:23:20 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 9640 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfezqAABrW4OTgAo https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAABrW4OTgAo&_test=ZfezqAABrW4OTgAo	42 B 972 B	16ms 15ms	Image image/gif	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAABrW4OTgAo&_test=ZfezqAABrW4OTgAo Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/gif Date Mon, 18 Mar 2024 03:23:20 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230109-FRA pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 varnish server Varnish x-timer S1710732200.496590,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAABrW4OTgAo&_test=ZfezqAABrW4OTgAo cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	451	501709.gif idsync.rlcdn.com/ Frame 9640 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210830249393806&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424305028771&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a3... https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.435899	0 42 B	21ms 20ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.435899 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.435899 content-length 445 x-amz-cf-id vqdpABf1DtQ2sbZE3y0upieNIyaQ2Of6ASS0nm4W8uPPFkZmfTZkIA==
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9640	170 B 232 B	122ms 46ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgzMDI0OTM5MzgwNg==&forward= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 9640 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5141210830249393806 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210830249393806	43 B 1 KB	9ms 9ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210830249393806 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT an-x-request-uuid fae1d3c2-15b5-4af6-873f-3afdd636fcb1 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT an-x-request-uuid 1f55e6ad-4303-4551-b529-6bfe6fda8f5b server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210830249393806 cache-control no-store, no-cache, private x-proxy-origin 185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame 9640 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210830249393806&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210830249393806&redir=	42 B 716 B	32ms 32ms	Image image/gif	52.215.99.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210830249393806&redir= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 52.215.99.44 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-99-44.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v058-00221f726.edge-irl1.demdex.com 2 ms pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid e6a5VtQ7R5E= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-2-v058-0eb8fe7c0.edge-irl1.demdex.com 0 ms pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid 7DiL42JASpg= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210830249393806&redir= cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 9640	0 225 B	53ms 14ms	Image text/html	198.47.127.205 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5141210830249393806&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Mon, 18 Mar 2024 03:23:18 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 9640	43 B 97 B	48ms 21ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5141210830249393806&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame 9640	57 B 643 B	137ms 40ms	Image image/gif	184.30.20.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5141210830249393806 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-20-22.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Mon, 18 Mar 2024 03:23:20 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store alt-svc h3=":443"; ma=93600 content-length 57 x-mnet-hl2 E expires Mon, 18 Mar 2024 03:23:20 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 9640	43 B 108 B	402ms 146ms	Image image/gif	3.222.105.150 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5141210830249393806 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.105.150 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-105-150.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 9640 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210830249393806&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210830249393806&forward=&C=1	43 B 332 B	26ms 25ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210830249393806&forward=&C=1 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opcJ%2BuOkcMlKgr%2BdoARb25%2BIrf6R7tO%2FiVX%2FStZZr6u8HKNyNdPGQwtgJYq%2FGjzYwopuFnyLi4IStiFw4SfsVnEOZGsLIJHObp9Dabc5SPzffXGT%2BiWAeEwal0oawFFlZdWnxOhPZJY3vg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 86621a7c7e4a972c-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDt1B1m%2F%2FhyU5tK4KD8RANK%2FcfSQFtpVOeYeRNK4xybpR6ixLu0cq3j8WfcG0ZtFabYno7C%2BtdY0LG5LvJujZTXZaOGv0SeTBPiMAzibCp7oPTPfyFCA3HdP6hhZonwxsdMmggz6%2FEzLbg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5141210830249393806&forward=&C=1 cache-control no-cache cf-ray 86621a7c5e35972c-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame 9640	0 42 B	28ms 21ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5141210830249393806 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 9640	43 B 182 B	251ms 160ms	Image image/gif	2.19.104.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5141210830249393806 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.104.189 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-104-189.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Mon, 18 Mar 2024 03:23:20 GMT pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif
GET H2	200	sync partners.tremorhub.com/ Frame 9640	43 B 174 B	321ms 99ms	Image image/gif	2600:1f18:612b:4200:9755:b35:de0b:b4bf AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5141210830249393806&r=BdPHAWQFVFzJ Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9755:b35:de0b:b4bf Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Mon, 18 Mar 2024 03:23:20 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 9640	43 B 376 B	111ms 30ms	Image image/gif	34.254.7.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5141210830249393806 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.254.7.184 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-7-184.eu-west-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame 9640	43 B 235 B	94ms 18ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210830249393806&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:20 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	match ps.eyeota.net/ Frame B12B Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0	0 344 B	35ms 7ms	Image text/plain	3.127.178.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-178-105.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:20 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5134455424305028771&bid=omt9pi0 Date Mon, 18 Mar 2024 03:23:20 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	cm p.rfihub.com/ Frame B12B Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfezqAABrZcOVAAo https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAABrZcOVAAo&_test=ZfezqAABrZcOVAAo	42 B 972 B	16ms 16ms	Image image/gif	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAABrZcOVAAo&_test=ZfezqAABrZcOVAAo Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/gif Date Mon, 18 Mar 2024 03:23:20 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230109-FRA pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 varnish server Varnish x-timer S1710732200.496679,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfezqAABrZcOVAAo&_test=ZfezqAABrZcOVAAo cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	451	501709.gif idsync.rlcdn.com/ Frame B12B Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424305028771&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a312-048069b... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424305028771&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc560509e-ece5-45c1-a3... https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.5837994	0 9 B	21ms 21ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.5837994 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:21 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=c560509e-ece5-45c1-a312-048069b7df9c%3A1710732200.0059166&_=1710732200.5837994 content-length 447 x-amz-cf-id 6lSEO84TLuJU1LgYRZDLp0DvfIeagAFMWklQLWxZc08FGpfGUba8TQ==
GET H2	200	pixel cm.g.doubleclick.net/ Frame B12B	170 B 232 B	120ms 47ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQyNDMwNTAyODc3MQ==&forward= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame B12B Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5134455424305028771 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455424305028771	43 B 1 KB	9ms 8ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455424305028771 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT an-x-request-uuid 2ddf9987-9ef6-4193-8c76-062063e8d7e4 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT an-x-request-uuid f9b0688d-4428-417a-93e3-95848cba842d server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455424305028771 cache-control no-store, no-cache, private x-proxy-origin 185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame B12B Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455424305028771&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455424305028771&redir=	42 B 716 B	31ms 31ms	Image image/gif	52.215.99.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455424305028771&redir= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 52.215.99.44 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-99-44.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers dcs dcs-prod-irl1-2-v058-0bfcb77d5.edge-irl1.demdex.com 1 ms pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid vvy0Ani/RtU= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-2-v058-09c85e1a9.edge-irl1.demdex.com 0 ms pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid faFfhbABSl4= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455424305028771&redir= cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame B12B	0 74 B	52ms 14ms	Image text/html	198.47.127.205 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5134455424305028771&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Mon, 18 Mar 2024 03:23:19 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame B12B	43 B 97 B	45ms 20ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455424305028771&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame B12B	57 B 643 B	154ms 60ms	Image image/gif	184.30.20.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5134455424305028771 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-20-22.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Mon, 18 Mar 2024 03:23:20 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store alt-svc h3=":443"; ma=93600 content-length 57 x-mnet-hl2 E expires Mon, 18 Mar 2024 03:23:20 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame B12B	43 B 109 B	393ms 139ms	Image image/gif	3.222.105.150 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5134455424305028771 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.105.150 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-105-150.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	rum dsum-sec.casalemedia.com/ Frame B12B Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424305028771&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424305028771&forward=&C=1	43 B 338 B	21ms 20ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424305028771&forward=&C=1 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhnEGcYkNFtztUIWj%2FPe8DOmMsnQNbyScsNg1s0t9pVUv%2FISO0%2BB2xgys1XhVn7LXziSjHiwQWhR4gFNxEcSia7UpLHamwFy2JO17HPTf%2FAtAJK1T39y8ZryLTLyCx3BlrTSTUqz8gbgaQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 86621a7c7e50972c-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DR7tg02ptTr3UB4sI5S%2B5Ae7jFCloTY1L2774yYE0MOd3iuLkMXUOo9R8GXby3JBjTbvRmEapvQpH0fC4rueYKPM8JP7wj79GnSrMcGcDM1WRlIGTTZD47jpXNWf8CWnLSVKrG%2BRV6gsDg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5134455424305028771&forward=&C=1 cache-control no-cache cf-ray 86621a7c5e37972c-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame B12B	0 42 B	29ms 22ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5134455424305028771 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 03:23:20 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame B12B	43 B 182 B	259ms 168ms	Image image/gif	2.19.104.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5134455424305028771 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.104.189 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-104-189.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Mon, 18 Mar 2024 03:23:20 GMT pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif
GET H2	200	sync partners.tremorhub.com/ Frame B12B	43 B 175 B	321ms 99ms	Image image/gif	2600:1f18:612b:4200:9755:b35:de0b:b4bf AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5134455424305028771&r=oD5X_JiEaItw Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9755:b35:de0b:b4bf Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Mon, 18 Mar 2024 03:23:20 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame B12B	43 B 377 B	110ms 29ms	Image image/gif	34.254.7.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5134455424305028771 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.254.7.184 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-7-184.eu-west-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 03:23:20 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame B12B	43 B 235 B	93ms 17ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455424305028771&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:20 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	resolve Show response people.api.boomtrain.com/identify/	150 B 465 B	463ms 138ms	XHR application/json	52.5.20.52 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYzU2MDUwOWUtZWNlNS00NWMxLWEzMTItMDQ4MDY5YjdkZjljOjE3MTA3MzIyMDAuMDA1OTE2NiJ9fQ%3D%3D&site_id=bank-independent Requested by Host: cdn.boomtrain.com URL: https://cdn.boomtrain.com/p13n/bank-independent/p13n.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.5.20.52 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-20-52.compute-1.amazonaws.com Software nginx / Resource Hash f123058c37411905c4ba3a6b99504bd824080b8502913a3a9408b87d331bd6c6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:20 GMT Server nginx Access-Control-Allow-Methods GET,PUT,POST,DELETE Content-Type application/json Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers X-Requested-With,Content-Type,Authorization,x-app-id Content-Length 150
POST H/1.1	200 OK	pixel.gif pixel.alpharank.io/	35 B 545 B	557ms 173ms	Ping application/octet-stream	52.88.183.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.alpharank.io/pixel.gif?id=51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1&duid=4.32.4-3o849ad2-ltwds64l&fp=f3908d2a4a8efce077b4610a82acc449&ev=pageload&v=4.32.4&dl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&ts=1710732200083&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&bn=Chrome%20122&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36&tz=-60 Requested by Host: api.alpharank.io URL: https://api.alpharank.io/api/pixel/script/51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1?c=n&t=1710806400000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-183-153.us-west-2.compute.amazonaws.com Software nginx/1.12.2 / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 03:23:21 GMT Server nginx/1.12.2 X-Powered-By Express ETag W/"23-X71HIiL+uKIs9biqXcW44Tr4jis" Content-Type application/octet-stream Access-Control-Allow-Origin https://www.bibank.com Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 35
GET H/1.1	200 OK	pstats.html Show response a.rfihub.com/ Frame BE87	26 B 906 B	61ms 16ms	Document text/html	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://a.rfihub.com/pstats.html?rb=49565&ca=20848799&ri=c15b38f2181c6b757c6174a157488944&stats=undefined&ra=060854929956200676 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 26 Content-Type text/html;charset=iso-8859-1 Date Mon, 18 Mar 2024 03:23:20 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
POST H2	200	track Show response events.api.boomtrain.com/event/	2 B 209 B	327ms 115ms	XHR text/plain	52.20.67.248 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.api.boomtrain.com/event/track Requested by Host: cdn.boomtrain.com URL: https://cdn.boomtrain.com/p13n/bank-independent/p13n.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.20.67.248 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-67-248.compute-1.amazonaws.com Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://www.bibank.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Mon, 18 Mar 2024 03:23:21 GMT server nginx access-control-allow-headers X-Requested-With, Content-Type, Authorization, x-app-id content-length 2 access-control-allow-methods GET, PUT, POST, DELETE content-type text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff2/Gotham-Bold_Web.woff2

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff2/Gotham-Book_Web.woff2

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff2/Gotham-Light_Web.woff2

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff2/Gotham-Medium_Web.woff2

Domain

vimeo.com

URL

https://vimeo.com/ablincoln/vuid?pid=0075b7f404dd526280e54ddba11691184fc30bb81710732199

Domain

kernel-serve.banno.com

URL

https://kernel-serve.banno.com/kernel.js

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff/Gotham-Bold_Web.woff

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff/Gotham-Light_Web.woff

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff/Gotham-Book_Web.woff

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff/Gotham-Medium_Web.woff

Domain

URL

https://{account_id}.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&title=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&res=1600x1200&accountid=%7BACCOUNT_ID%7D&rt=1937&prev=da625fc6-d7ab-5267-8686-33ac17aa4b7c&luid=6a9ba813-3013-b27d-1fc4-5e554462b0d9&rnd=28929