www.bibank.com Open in urlscan Pro
104.18.24.218  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://hhfal.org/ HTTP 301
   https://www.bibank.com/helping-hands-foundation Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

• https://6856376.fls.doubleclick.net/activityi;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947 HTTP 302
• https://6856376.fls.doubleclick.net/activityi;dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947

Request Chain 61

• https://insight.adsrvr.org/tags/ke0jjcx/h9q6rcf/iframe HTTP 301
• https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe

Request Chain 82

• https://www.vimeo.com/api/oembed.json?url=https://vimeo.com/134839839&callback=vimeoCallback HTTP 301
• https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/134839839

Request Chain 90

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329530831851948&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b9810%253A1710562746.586731%26_%3D1710562747.0235786&cb=1710562747.0236027 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424281627578&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b9810%253A1710562746.586731%26_%3D1710562747.0235786 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.0235786

Request Chain 92

• https://ib.adnxs.com/setuid?entity=18&code=5133329530831851948 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329530831851948

Request Chain 93

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329530831851948&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329530831851948&redir=

Request Chain 96

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0

Request Chain 99

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530831851948&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530831851948&forward=&C=1

Request Chain 105

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfUduwAABm-IRQAo HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwAABm-IRQAo&_test=ZfUduwAABm-IRQAo

Request Chain 106

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0

Request Chain 107

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfUduwAAAoirUgA9 HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwAAAoirUgA9&_test=ZfUduwAAAoirUgA9

Request Chain 108

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433833071439910&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b9810%253A1710562746.586731%26_%3D1710562747.03008&cb=1710562747.0301025 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424281627578&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b9810%253A1710562746.586731%26_%3D1710562747.03008 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.03008

Request Chain 110

• https://ib.adnxs.com/setuid?entity=18&code=5107433833071439910 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433833071439910

Request Chain 111

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5107433833071439910&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433833071439910&redir=

Request Chain 116

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433833071439910&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433833071439910&forward=&C=1

Request Chain 122

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0

Request Chain 123

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfUduwABKSprzQAe HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwABKSprzQAe&_test=ZfUduwABKSprzQAe

Request Chain 124

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424281627578&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b9810%253A1710562746.586731%26_%3D1710562747.038801&cb=1710562747.038835 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424281627578&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b9810%253A1710562746.586731%26_%3D1710562747.038801 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.038801

Request Chain 126

• https://ib.adnxs.com/setuid?entity=18&code=5134455424281627578 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455424281627578

Request Chain 127

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455424281627578&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455424281627578&redir=

Request Chain 132

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424281627578&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424281627578&forward=&C=1

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request helping-hands-foundation Show response www.bibank.com/ Redirect Chain http://hhfal.org/ https://www.bibank.com/helping-hands-foundation	35 KB 10 KB	586ms 534ms	Document text/html	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1640099d38a779f961aaf818437dbde397f3b9a6a583fe2bbbfa0d659c64fa3 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 cache-control public, max-age=0 cf-cache-status DYNAMIC cf-ray 8651f16239a591dd-FRA content-encoding gzip content-length 9439 content-type text/html; charset=utf-8 date Sat, 16 Mar 2024 04:19:05 GMT expires Sat, 16 Mar 2024 04:19:05 GMT server cloudflare strict-transport-security max-age=16070400 vary Accept-Encoding via varnish x-ad-insert-result success x-content-type-options nosniff x-frame-options SAMEORIGIN x-varnish 116693180 x-varnish-count 0 x-varnish-hitmiss MISS x-varnish-ttl 0.000 x-xss-protection 1; mode=block Redirect headers Connection keep-alive Content-Length 82 Content-Type text/html; charset=utf-8 Date Sat, 16 Mar 2024 04:19:04 GMT Location https://www.bibank.com/helping-hands-foundation Server ip-100-74-3-101.eu-west-2.compute.internal X-Request-Id 176157c6-497b-4fc5-bb3d-9bdaf96be267
GET H2	200	hco_fonts.css fonts.bibank.com/hco_fonts/	2 KB 1 KB	427ms 124ms	Stylesheet text/css	12.162.17.202 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://fonts.bibank.com/hco_fonts/hco_fonts.css Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.162.17.202 Madison, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash ce0711bd7f3a4b5f51f693df400b273b345f4227bdb32e75b4bfd236a35091b0 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=0 content-encoding gzip date Sat, 16 Mar 2024 04:19:05 GMT last-modified Tue, 27 Mar 2018 16:38:40 GMT server Microsoft-IIS/10.0 etag "0a8aefeac5d31:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 878
GET H2	200	main.min.css www.bibank.com/assets/css/	252 KB 33 KB	565ms 564ms	Stylesheet text/css	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/css/main.min.css?v=201809100226 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 128bb31824304439993f2443015058a99bcbfa204eb856c6318f6598261b130f Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:05 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="main.min.css" content-length 33700 x-xss-protection 1; mode=block x-varnish-count 375 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "85b4ca79a20d8abfcce01789a28882b7" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-varnish 116693197 19922952 cache-control public, max-age=14400 accept-ranges bytes cf-ray 8651f1659ad691dd-FRA expires Sat, 16 Mar 2024 08:19:05 GMT
GET H2	200	helping-hands-workers.jpg www.bibank.com/assets/files/Z2GupajR/	378 KB 379 KB	573ms 572ms	Image image/jpeg	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/files/Z2GupajR/helping-hands-workers.jpg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14f008de9baa71c1c0feb4ff8c3f909f4595bb07de6a33c155d7293e1ee8dac6 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:05 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-hitmiss MISS content-disposition filename="helping-hands-workers.jpg" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 24 Oct 2023 18:58:27 GMT server cloudflare etag "c18e61e9f172febf987e7ff8e76d37b6" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg x-varnish 57767627 cache-control public, max-age=14400 cf-ray 8651f1659ad791dd-FRA expires Sat, 16 Mar 2024 08:19:05 GMT
GET H2	200	helping-hands-race.jpg www.bibank.com/assets/files/iC5LsDyM/	205 KB 205 KB	581ms 581ms	Image image/jpeg	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/files/iC5LsDyM/helping-hands-race.jpg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5acf63dd6a4e980b34189058cd02bd0443dfbe27cef10ef08eb4610aa9e29433 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:05 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-hitmiss MISS content-disposition filename="helping-hands-race.jpg" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 24 Oct 2023 20:44:11 GMT server cloudflare etag "506816a72edbb1ad0ecdef7b8379a006" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg x-varnish 58176422 cache-control public, max-age=14400 cf-ray 8651f1659ad891dd-FRA expires Sat, 16 Mar 2024 08:19:05 GMT
GET H2	200	helping-hands-una.jpg www.bibank.com/assets/files/E5K2F61S/	253 KB 254 KB	575ms 573ms	Image image/jpeg	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/files/E5K2F61S/helping-hands-una.jpg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51097597bfad8ddca4a10354d5dbad3ee26716a8d7c8b62805ebc4b05f52dee9 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-hitmiss MISS content-disposition filename="helping-hands-una.jpg" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 24 Oct 2023 20:45:57 GMT server cloudflare etag "b6397ea4225c9bafc7f03bd7c8d42e07" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg x-varnish 116249452 cache-control public, max-age=14400 cf-ray 8651f1692c2291dd-FRA expires Sat, 16 Mar 2024 08:19:06 GMT
GET H2	200	helping-hands-food-barn.jpg www.bibank.com/assets/files/dZhznKAo/	193 KB 193 KB	579ms 577ms	Image image/jpeg	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/files/dZhznKAo/helping-hands-food-barn.jpg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a928069b0c75c6f5f9ee02cc6e895e7962d0b4527b168facf9941c2f9374ed4 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-hitmiss MISS content-disposition filename="helping-hands-food-barn.jpg" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 24 Oct 2023 20:57:59 GMT server cloudflare etag "a8ad7a8f1d0ecbf8b32ed6674077929e" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg x-varnish 111986390 cache-control public, max-age=14400 cf-ray 8651f1692c2391dd-FRA expires Sat, 16 Mar 2024 08:19:06 GMT
GET H2	200	shelter_share_logo.png www.bibank.com/assets/content/UWgE1OaK/2017/06/13/	10 KB 10 KB	465ms 463ms	Image image/png	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/content/UWgE1OaK/2017/06/13/shelter_share_logo.png Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d91d41cfbfeb3cd265396af580a0ff3f3a1a0fcc1adfee267f042a3e201e814 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="shelter_share_logo.png" x-varnish-count 2 content-length 9775 x-xss-protection 1; mode=block last-modified Tue, 13 Jun 2017 21:02:08 GMT server cloudflare etag "d7c2a5b81364bfaa9c410436fcc99897" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png x-varnish 56055395 54919485 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8651f1692c2491dd-FRA expires Sun, 16 Mar 2025 04:19:06 GMT
GET H2	200	food_share_logo.png www.bibank.com/assets/content/49FudetG/2017/06/13/	11 KB 11 KB	471ms 469ms	Image image/png	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/content/49FudetG/2017/06/13/food_share_logo.png Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3270881a2989e27d39495dc9c2a206226726dc8a2491c17b3bd1ac23505bcd83 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss MISS content-disposition filename="food_share_logo.png" x-varnish-count 0 x-xss-protection 1; mode=block last-modified Tue, 13 Jun 2017 21:02:08 GMT server cloudflare etag "ee59a1abcf09d9be1fa50ad2b369a39a" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png x-varnish 57767636 cache-control public, max-age=31536000 cf-ray 8651f1692c2691dd-FRA expires Sun, 16 Mar 2025 04:19:06 GMT
GET H2	200	school_share_logo.png www.bibank.com/assets/content/1ZfeVwa3/2017/06/13/	10 KB 11 KB	466ms 464ms	Image image/png	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/content/1ZfeVwa3/2017/06/13/school_share_logo.png Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21e9a8ff01c0591cfd0456d05bd82b9144a6b3ec4b44867c397a7c720bfe1fa7 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="school_share_logo.png" x-varnish-count 1 content-length 10730 x-xss-protection 1; mode=block last-modified Tue, 13 Jun 2017 21:02:08 GMT server cloudflare etag "9604967d600122bdb708f52e3412d5ba" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png x-varnish 55464614 55452309 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8651f1692c2791dd-FRA expires Sun, 16 Mar 2025 04:19:06 GMT
GET H2	200	toy_share_logo.png www.bibank.com/assets/content/h8QJ4Uyy/2017/06/13/	9 KB 9 KB	462ms 460ms	Image image/png	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/content/h8QJ4Uyy/2017/06/13/toy_share_logo.png Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe4aaf6bce3e9fda2dddb0500b80e2b6e42a4b086710ed18c73d0136d4cc5cfd Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="toy_share_logo.png" x-varnish-count 2 content-length 9092 x-xss-protection 1; mode=block last-modified Tue, 13 Jun 2017 21:02:08 GMT server cloudflare etag "0a054e37a369516e3fcd56e36da08aee" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png x-varnish 58176451 56356597 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8651f1692c2991dd-FRA expires Sun, 16 Mar 2025 04:19:06 GMT
GET H2	200	bank-independent.svg www.bibank.com/assets/img/	8 KB 2 KB	458ms 457ms	Image image/svg+xml	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bibank.com/assets/img/bank-independent.svg Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ec5af6fceecab5dfc87ec8dc855a3fc4e5f5c74f4baba17d0c319cb8bb4aedb Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="bank-independent.svg" content-length 1920 x-xss-protection 1; mode=block x-varnish-count 358 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "cd3bff879f47fa64f7d304e9692d543f" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml x-varnish 116021522 31850506 cache-control public, max-age=14400 accept-ranges bytes cf-ray 8651f1692c2a91dd-FRA expires Sat, 16 Mar 2024 08:19:06 GMT
GET H2	200	jquery.min.js Show response www.bibank.com/assets/js/	86 KB 30 KB	569ms 567ms	Script application/javascript	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/js/jquery.min.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51e85114205d48b4e420f9cdbc05ec1a7abce62539ac43ef0390ab554f350498 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="jquery.min.js" content-length 30965 x-xss-protection 1; mode=block x-varnish-count 380 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "55d445d3a4511431031c4d6f7ab1e3f5" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript x-varnish 116693214 40927243 cache-control public, max-age=14400 accept-ranges bytes cf-ray 8651f1692c2591dd-FRA expires Sat, 16 Mar 2024 08:19:06 GMT
GET H2	200	script.min.js Show response www.bibank.com/assets/js/	249 KB 68 KB	570ms 569ms	Script application/javascript	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/js/script.min.js?v=201809101000 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 446a761d58b2840c051ca8b1bf7bf2237945accc9dc9ae411688ec64ec197d60 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status MISS x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="script.min.js" content-length 69671 x-xss-protection 1; mode=block x-varnish-count 333 last-modified Mon, 11 Mar 2024 17:30:12 GMT server cloudflare etag "204d0785471bae7ab25b8dc32dbb9603" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript x-varnish 56756902 22642691 cache-control public, max-age=14400 accept-ranges bytes cf-ray 8651f1692c2b91dd-FRA expires Sat, 16 Mar 2024 08:19:06 GMT
GET H2	200	disclaimers.js Show response www.bibank.com/assets/target/	3 KB 2 KB	21ms 20ms	Script application/javascript	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/target/disclaimers.js?bh=7b4bcc Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/helping-hands-foundation User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:05 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status HIT age 191944 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-length 1400 x-xss-protection 1; mode=block x-varnish-count 2 last-modified Thu, 07 Mar 2024 18:17:30 GMT server cloudflare etag "709b2500a5812eb0b64c6a0156896cae" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 x-varnish 9640807 3606120 cache-control public, max-age=15552000 accept-ranges bytes cf-ray 8651f1692c2c91dd-FRA expires Thu, 12 Sep 2024 04:19:05 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	310 KB 105 KB	90ms 27ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 92721cd2c89a7f0ec80e5ac25cdc48ce3fbd66bd64512c601eccaac5cb7f2ee5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 107554 x-xss-protection 0 last-modified Sat, 16 Mar 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 16 Mar 2024 04:19:05 GMT
GET H/1.1	200 OK	134839839 Show response player.vimeo.com/video/ Frame D2B6	18 KB 10 KB	217ms 192ms	Document text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c3188712c21a1335ac85dedea28d03f0a4c9c854ac00268e24dbfe9357957ec Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://* Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 8651f169ba9c3a9e-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 16 Mar 2024 04:19:06 GMT Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Via 1.1 varnish X-Cache MISS X-Cache-Hits 0 X-Served-By cache-fra-eddf8230126-FRA X-Timer S1710562746.886242,VS0,VE171 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://* expires Fri, 15 Dec 1985 19:30:00 GMT link <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin strict-transport-security max-age=31536000; includeSubDomains; preload x-backend-server player-backend-edge-entry x-bapp-server player-backend-f4486c69f-tdg97 x-content-type-options nosniff x-host player-backend-f4486c69f-tdg97 x-player-backend g x-xss-protection 1; mode=block
GET DATA	200 OK	truncated /	178 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b50138f39117ee6aee422c2a2d1959ebb471d3aec40bd9d16d5569b9db117a6e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET		Gotham-Bold_Web.woff2 fonts.bibank.com/hco_fonts/woff2/	0 0
GET		Gotham-Book_Web.woff2 fonts.bibank.com/hco_fonts/woff2/	0 0
GET H2	200	Icons.woff2 www.bibank.com/assets/font/	3 KB 3 KB	460ms 460ms	Font application/octet-stream	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/assets/font/Icons.woff2 Requested by Host: www.bibank.com URL: https://www.bibank.com/assets/css/main.min.css?v=201809100226 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe4045fab6556869fd23e169bbca3058998f8b37464f3d6b64dcca87c890e5c4 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.bibank.com/assets/css/main.min.css?v=201809100226 Origin https://www.bibank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff cf-cache-status MISS via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT content-disposition filename="Icons.woff2" x-varnish-count 351 content-length 2960 x-xss-protection 1; mode=block last-modified Mon, 11 Mar 2024 17:30:13 GMT server cloudflare etag "09512a93ac2dde7557c53c56d1e617b2" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/octet-stream x-varnish 163214793 4554778 cache-control public, max-age=14400 accept-ranges bytes cf-ray 8651f1693c3091dd-FRA expires Sat, 16 Mar 2024 08:19:06 GMT
GET		Gotham-Light_Web.woff2 fonts.bibank.com/hco_fonts/woff2/	0 0
GET		Gotham-Medium_Web.woff2 fonts.bibank.com/hco_fonts/woff2/	0 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	292 KB 94 KB	26ms 25ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZECZZ7WPX7&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 573914a3d9aa994b4bec713e3154714f4738c51fb2fdd2db94fcc056e537ad73 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96180 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 16 Mar 2024 04:19:05 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	205 KB 75 KB	22ms 22ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-984311135&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 51a812c66046c4645423b87b2d598d23c26d1a0d84d609430b6274e25266015d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76421 x-xss-protection 0 last-modified Sat, 16 Mar 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 16 Mar 2024 04:19:05 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	27ms 7ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 16 Mar 2024 03:48:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1857 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 16 Mar 2024 05:48:08 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	216 KB 58 KB	22ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 16 Mar 2024 04:19:05 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57659 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2780, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug n130f9DTWeD6yjIg0azqI8owZirY1x197+SQhVNA4DtVa83NhGj+AV/QYST3Nnla3fTVPgp4FDZcDFGyFj4DVw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1 Show response api.alpharank.io/api/pixel/script/	497 B 850 B	559ms 173ms	Script text/javascript	52.88.183.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.alpharank.io/api/pixel/script/51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-183-153.us-west-2.compute.amazonaws.com Software nginx/1.12.2 / Express Resource Hash 02f12351cfc8bffe901d5b0fdacc9e2474dbd9f3878ae3e4e44b037eaa15ca48 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:06 GMT Server nginx/1.12.2 X-Powered-By Express ETag W/"1f1-d34FnaSbejjQRGhtJFGjKzDyLRw" Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin undefined Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 497
GET H2	200	377014.js Show response js.hs-analytics.net/analytics/1710562800000/	66 KB 21 KB	203ms 175ms	Script text/javascript	2606:4700::6810:50ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1710562800000/377014.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86eb8c7b6882b774681b123dc0574e8ebc229cc92e2a802d7e4ea4c76bd292b9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id DVHK8QQPDB69ZHVB x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id adf6b35d-7d96-4a6b-83cb-6012fe6b2b8c x-envoy-upstream-service-time 61 x-amz-id-2 TIN5GczEmrCX2M7hj0xsBIylC1Nn5g3SiFnYJuCN0dGtw5PDfMgD86rbNGIR37Tw5uv9iHAOFuo= x-evy-trace-listener listener_https x-request-id adf6b35d-7d96-4a6b-83cb-6012fe6b2b8c x-evy-trace-route-configuration listener_https/all last-modified Tue, 27 Feb 2024 15:23:16 GMT server cloudflare etag W/"c12e508000d0338d59fa70675f3a7f30" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbs6d cache-control max-age=300,public access-control-allow-credentials false cf-ray 8651f16a2a5b8f2d-FRA expires Sat, 16 Mar 2024 04:24:06 GMT
GET H2	200	Bank_Independent.js Show response tag.brandcdn.com/autoscript/bankindependent_vgtsqmvfnvvvvda9/	1 KB 1 KB	62ms 13ms	Script text/javascript	2600:9000:225e:4a00:7:e536:8b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.brandcdn.com/autoscript/bankindependent_vgtsqmvfnvvvvda9/Bank_Independent.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:4a00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0044c4ac4a9af27c4a87e225e8a2b32e4c45167a2b669e9657379261f182c917 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 03:17:34 GMT x-amz-version-id MEUNkfJLx8hxebRtPqeOgEsFGxa4lbAU via 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront) last-modified Thu, 04 Jan 2024 16:04:49 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 3692 etag "3b5c4e1644df1035fc0d5c7f5f30e6da" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/javascript x-amz-replication-status COMPLETED accept-ranges bytes content-length 1092 x-amz-cf-id h4msXucMtj9Gr5TIJNu1GcPlbVX18mxUdl1CQuZw7QOava5Q-bCoXw==
GET H/1.1	200 OK	piwik.js Show response analytics.loanspq.com/	57 KB 20 KB	696ms 313ms	Script application/x-javascript	168.61.6.168 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://analytics.loanspq.com/piwik.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.61.6.168 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software envoy / Resource Hash 714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT content-encoding gzip last-modified Mon, 14 Nov 2016 23:08:00 GMT server envoy etag "0489cf1cb3ed21:0" vary Accept-Encoding content-type application/x-javascript accept-ranges bytes content-length 20017
GET H2	200	siteanalyze_79671.js Show response siteimproveanalytics.com/js/	28 KB 10 KB	58ms 31ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteimproveanalytics.com/js/siteanalyze_79671.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44e1d1e5a6abf2fbc3741e1e6a2304029d4eaaab5108770422f2b0f6b1016b31 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:05 GMT content-encoding gzip cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 6H2B4BSKZWMTZ255 alt-svc h3=":443"; ma=86400 content-length 9560 x-amz-id-2 YaWtN7QhX+2k1ypqye8XBoeNHhJc99RwubuxZKTrukPyOFl/i39uQLd53pyEtBDCCYkOaOO9dgY= last-modified Wed, 14 Feb 2024 17:03:50 GMT server cloudflare etag "aab2bac426a90a6864ec618303a7cd2a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSUgQ0M4TVfLieRiH8Hi8RgXH25swYFDhpyPhWlbxRh9Rtn3xdJrWZl61W4oDPD5wmD3%2B%2F83ljNSoDvZsfUmAMnqcqs66DfH5vLYwb3BVA%2BucQJre5wb2QS2O00p5G91%2BNAj3IBpZO0uhyHf3ezci4%2FqxoJdrbI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=86400, no-transform accept-ranges bytes cf-ray 8651f16a2e3090d7-FRA
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 208 B	13ms 13ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1723603127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&ul=en-us&de=UTF-8&dt=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=764239883&gjid=1880623905&cid=97240971.1710562746&tid=UA-24666000-1&_gid=951159218.1710562746&_slc=1&gtm=45He43d0n81NXP8N22v78288638za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=34821809 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bibank.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 349 B	55ms 18ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-24666000-1&cid=97240971.1710562746&jid=764239883&gjid=1880623905&_gid=951159218.1710562746&npa=1&_u=YGBAiEABBAAAAGAAI~&z=173476783 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bibank.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 16 Mar 2024 04:19:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	367986023874680 Show response connect.facebook.net/signals/config/	50 KB 12 KB	65ms 65ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/367986023874680?v=2.9.150&r=stable&domain=www.bibank.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9d1510568fa02b930ac52a0ad62cde83ee029051fb9e740cd038241335a03f03 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 16 Mar 2024 04:19:06 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=62755, tp=-1, tpl=-1, uplat=59, ullat=0 pragma public x-fb-debug /PZdrbUe8V3n1cAO2/mFRnuyXcXIkVOP3veNzlzcnEW2xKL15ltoukIffNYtqOy7JSX3SL6PMTSlTfCfxAHsJw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 254 B	33ms 13ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-ZECZZ7WPX7&gtm=45je43d0v880934268z878288638za200&_p=1710562745782&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=97240971.1710562746&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710562745&sct=1&seg=0&dl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&dt=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&en=page_view&_fv=1&_ss=1&tfd=1471 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZECZZ7WPX7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	18ms 18ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZECZZ7WPX7&cid=97240971.1710562746&gtm=45je43d0v880934268z878288638za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZECZZ7WPX7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	38ms 19ms	Image image/gif	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZECZZ7WPX7&cid=97240971.1710562746&gtm=45je43d0v880934268z878288638za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=311355418 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	37ms 18ms	Image image/gif	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24666000-1&cid=97240971.1710562746&jid=764239883&npa=1&_u=YGBAiEABBAAAAGAAI~&z=879934620 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	33ms 17ms	Image image/gif	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24666000-1&cid=97240971.1710562746&jid=764239883&npa=1&_u=YGBAiEABBAAAAGAAI~&z=879934620 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 273 B	30ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=367986023874680&ev=PageView&dl=https%3A%2F%2Fwww.bibank.com&rl=&if=false&ts=1710562746052&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4124&fbp=fb.1.1710562746051.241695036&pm=1&hrl=10e8f3&ler=empty&cdl=API_unavailable&it=1710562745976&coo=false&cs_cc=1&cas=6110418262343502%2C2474861135928959&rqm=GET Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sat, 16 Mar 2024 04:19:06 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	player.module.js Show response f.vimeocdn.com/p/4.28.19/js/ Frame D2B6	576 KB 139 KB	47ms 17ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/js/player.module.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 11c774d490b4387dfaa0cf966b8bdcb71933784072e2ffd879b13c0ebdeeaacf Request headers Referer https://player.vimeo.com/ Origin https://player.vimeo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kjyo7100029-IAD, cache-fra-eddf8230094-FRA date Sat, 16 Mar 2024 04:19:06 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 131255 x-timer S1710562746.098505,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 141805 x-cache-hits 22, 2019
GET H2	200	vendor.module.js Show response f.vimeocdn.com/p/4.28.19/js/ Frame D2B6	418 KB 100 KB	36ms 6ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c1621a2bc759edda87d72a1a929432897cead8f4b080120d242a432f1c410ffa Request headers Referer https://player.vimeo.com/ Origin https://player.vimeo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kiad7000079-IAD, cache-fra-eddf8230094-FRA date Sat, 16 Mar 2024 04:19:06 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 131255 x-timer S1710562746.098304,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 102420 x-cache-hits 23, 44560
GET H2	200	player.css f.vimeocdn.com/p/4.28.19/css/ Frame D2B6	209 KB 22 KB	36ms 6ms	Stylesheet text/css	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1ce3d65c557d94ad5dccc7ea1faeedea3034fea95599e93a016ac54a7e891566 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kjyo7100093-IAD, cache-fra-eddf8230137-FRA date Sat, 16 Mar 2024 04:19:06 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 131256 x-timer S1710562746.098415,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 22133 x-cache-hits 9, 45214
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame D2B6	1 KB 1 KB	397ms 371ms	Image image/avif	151.101.0.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5ae08c137a5838eead0696287a28c71d15209c5165866521c2ab4340fd3abb27 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1415471 x-viewmaster-lossless-format automatic x-cache HIT, MISS content-length 1139 x-served-by cache-dfw-kdfw8210028-DFW, cache-fra-eddf8230085-FRA x-timer S1710562746.101620,VS0,VE357 etag "579e887a5abda8ef496a71aa2a6d4d20" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 21, 0
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame D2B6	2 KB 1 KB	6ms 6ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kiad7000106-IAD, cache-fra-eddf8230137-FRA date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 2158358 x-timer S1710562746.190300,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 985 x-cache-hits 1, 217369
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame D2B6	4 KB 2 KB	38ms 16ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 16 Mar 2024 04:19:06 GMT
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame D2B6	23 KB 24 KB	131ms 130ms	Image image/avif	151.101.0.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=1200&mh=684 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 563bdf145c21eeace296d84a003ccd63957a2e85f6cc4fd6092a688f2f1708a4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1409082 x-viewmaster-lossless-format automatic x-cache HIT, MISS content-length 24035 x-served-by cache-dfw-kdal2120056-DFW, cache-fra-eddf8230085-FRA x-timer S1710562746.213405,VS0,VE123 etag "59a5550a42b27aea81c31774eb0a98be" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 13, 0
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame D2B6	0 142 B	133ms 112ms	Ping text/plain	34.120.202.204 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=7975a3c40c1b44cb2a66636e63f416752f49377c1710562746 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H/1.1	204 No Content	vuid vimeo.com/ablincoln/ Frame D2B6	0 925 B	168ms 144ms	Ping text/plain	162.159.128.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vimeo.com/ablincoln/vuid?pid=7975a3c40c1b44cb2a66636e63f416752f49377c1710562746 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Fri, 15 Mar 2024 16:19:06 GMT Date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff CF-Cache-Status DYNAMIC Via 1.1 varnish, 1.1 varnish content-security-policy-report-only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp X-Cache MISS, MISS Connection keep-alive x-xss-protection 1; mode=block X-Served-By cache-iad-kjyo7100109-IAD, cache-fra-eddf8230101-FRA x-ua-compatible IE=edge x-vimeo-device d Server cloudflare X-Timer S1710562746.282818,VS0,VE119 x-backend-proxy webproxy2 x-frame-options sameorigin Vary User-Agent,x-http-method-override cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server pweb-56d8fd8dfc-xp9rt Accept-Ranges bytes CF-RAY 8651f16c29111959-FRA X-Cache-Hits 0, 0
GET H2	200	cast_framework.js Show response www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame D2B6	35 KB 12 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12197 x-xss-protection 0 last-modified Mon, 14 Nov 2022 23:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="chrome-dongle" vary Accept-Encoding report-to {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]} content-type text/javascript cache-control private, max-age=0 accept-ranges bytes expires Sat, 16 Mar 2024 04:19:06 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/122/ Frame D2B6	50 KB 15 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/122/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 17:54:12 GMT content-encoding gzip x-content-type-options nosniff age 37494 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14711 x-xss-protection 0 last-modified Mon, 15 Jan 2024 16:03:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Sat, 16 Mar 2024 17:54:12 GMT
GET H2	200	kernel.js Show response kernel-serve.banno.com/	6 KB 6 KB	607ms 120ms	Script application/javascript	34.72.178.159 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://kernel-serve.banno.com/kernel.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.72.178.159 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 159.178.72.34.bc.googleusercontent.com Software / Resource Hash fd6ee9b0dbd4fbdaa1121e72d928d457e2b8c38ac25d18d35ffe1a2e4a90861e Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT strict-transport-security max-age=15724800 etag "13313E3976F35F88B2181A14ED86D18A" content-length 5710 content-type application/javascript
GET H/1.1	200 OK	134839839 Show response player.vimeo.com/video/ Frame D2B6	18 KB 9 KB	273ms 273ms	Document text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75c66d764f923d8ed6278a2b4f493eab2f60bab0d937a2510cc1d4444df89f82 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://* Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 8651f16d0ceb3a9e-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 16 Mar 2024 04:19:06 GMT Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Via 1.1 varnish X-Cache MISS X-Cache-Hits 0 X-Served-By cache-fra-eddf8230066-FRA X-Timer S1710562746.413457,VS0,VE251 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://* expires Fri, 15 Dec 1985 19:30:00 GMT link <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin strict-transport-security max-age=31536000; includeSubDomains; preload x-backend-server player-backend-edge-entry x-bapp-server player-backend-f4486c69f-jv6kg x-content-type-options nosniff x-host player-backend-f4486c69f-jv6kg x-player-backend g x-xss-protection 1; mode=block
GET H2	200	activityi;dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947 Show response 6856376.fls.doubleclick.net/ Frame 103F Redirect Chain https://6856376.fls.doubleclick.net/activityi;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947? https://6856376.fls.doubleclick.net/activityi;dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947?	2 KB 1 KB	37ms 37ms	Document text/html	142.250.185.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6856376.fls.doubleclick.net/activityi;dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f6.1e100.net Software cafe / Resource Hash 6f41afb42c7c054bffc5630ac2bf9b3186e2dc2f03a985c8382bb2b9b0ac6cbc Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 924 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 16 Mar 2024 04:19:06 GMT expires Sat, 16 Mar 2024 04:19:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 16 Mar 2024 04:19:06 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://6856376.fls.doubleclick.net/activityi;dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	activity;xsp=4360657;ord=1;num=4604954275885.791 pubads.g.doubleclick.net/	42 B 440 B	243ms 190ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pubads.g.doubleclick.net/activity;xsp=4360657;ord=1;num=4604954275885.791? Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	t.js vidassets.terminus.services/be63dc52-477a-4595-bb5d-c9d27622fdc4/	0 0	72ms 29ms	Script application/json	18.66.192.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vidassets.terminus.services/be63dc52-477a-4595-bb5d-c9d27622fdc4/t.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXP8N22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-127.muc50.r.cloudfront.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H2	200	image.aspx 79671.global.siteimproveanalytics.io/	34 B 149 B	72ms 7ms	Image image/gif	3.65.157.78 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://79671.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&title=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&res=1600x1200&accountid=79671&rt=1912&prev=fe2f90ae-e777-2cc8-4fb2-7b948daad8c9&luid=76eafef1-2b3b-f14f-dcfb-90a874234226&rnd=50523 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.65.157.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-65-157-78.eu-central-1.compute.amazonaws.com Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-type image/gif date Sat, 16 Mar 2024 04:19:06 GMT cache-control max-age=0 content-length 34 expires Sat, 16 Mar 2024 04:19:06 UTC
GET H2	200	sync Show response live.rezync.com/	2 KB 3 KB	186ms 154ms	Script text/javascript	13.32.27.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=84704d8985b4a5887edb9b17bbc8a8f6&k=bank-independent-pixel-6605&zmpID=bank-independent&cache_buster=1710562746479 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-99.fra56.r.cloudfront.net Software lighttpd/1.4.69 / Resource Hash e48882b589eee7984d84a9529664668662f3e277092153c0c2c7315ac4f3b945 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/javascript accept-ranges bytes content-length 2212 x-amz-cf-id RCqaN1ampyZ8U6C6SEzZy8IERmAfZulS5Y1tB2BKT5PRQeouwib7dw==
GET H2	200	disclaimer Show response www.bibank.com/_/api/	3 KB 1 KB	169ms 169ms	XHR application/json	104.18.24.218 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bibank.com/_/api/disclaimer Requested by Host: www.bibank.com URL: https://www.bibank.com/assets/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.218 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26d4066de6c70db592d7c9bef05d49cb17504b6eb0c8ee312b82a03ab1abebd0 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://www.bibank.com/helping-hands-foundation X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish cf-cache-status DYNAMIC age 0 x-varnish-ttl 0.000 x-varnish-hitmiss MISS x-varnish-count 0 content-length 964 x-xss-protection 1; mode=block server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 x-varnish 116693224 cache-control public, max-age=0 accept-ranges bytes cf-ray 8651f16dade091dd-FRA expires Sat, 16 Mar 2024 04:19:06 GMT
GET H/1.1	200 OK	51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1 Show response api.alpharank.io/api/pixel/script/	45 KB 45 KB	347ms 347ms	Script text/javascript	52.88.183.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.alpharank.io/api/pixel/script/51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1?c=n&t=1710633600000 Requested by Host: api.alpharank.io URL: https://api.alpharank.io/api/pixel/script/51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-183-153.us-west-2.compute.amazonaws.com Software nginx/1.12.2 / Express Resource Hash 4a25be1f0513a03c0595d7adc16dbd4402afaa9f00fdcb2564b53613eba2ad8b Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:06 GMT Server nginx/1.12.2 X-Powered-By Express ETag W/"b34c-5l4RE/4mt4MMmx9MJ5iDiT4UXqA" Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin undefined Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 45900
GET H2	200	cv_pixel.js Show response adservices.brandcdn.com/pixel/	2 KB 1 KB	493ms 153ms	Script text/javascript	52.9.76.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adservices.brandcdn.com/pixel/cv_pixel.js Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/bankindependent_vgtsqmvfnvvvvda9/Bank_Independent.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.9.76.143 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-9-76-143.us-west-1.compute.amazonaws.com Software Apache/2.4.52 (Ubuntu) / Resource Hash bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip last-modified Fri, 21 Apr 2023 11:03:33 GMT server Apache/2.4.52 (Ubuntu) etag "613-5f9d69bae4944-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 745
GET H/1.1	200 OK	iframe Show response d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/ Frame 4DA4 Redirect Chain https://insight.adsrvr.org/tags/ke0jjcx/h9q6rcf/iframe https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe	138 B 668 B	37ms 7ms	Document text/html	18.66.123.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/bankindependent_vgtsqmvfnvvvvda9/Bank_Independent.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.123.144 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-123-144.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 438b77ca272c8c6fc09071089337aca9faa5c2207d6270a152b19b9203da970f Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Age 39083 Cache-Control max-age=86400 Connection keep-alive Content-Length 138 Content-Type text/html Date Fri, 15 Mar 2024 17:27:44 GMT ETag "5257b44c434fed89cc9656025794a550" Last-Modified Wed, 22 Jun 2022 17:57:30 GMT Server AmazonS3 Via 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront) X-Amz-Cf-Id vhlxRjgufMXpBFtTj_zWVV3bOe8oECkg_qFgxaaf8LaypfVH5RRgSA== X-Amz-Cf-Pop FRA60-P2 X-Cache Hit from cloudfront x-amz-server-side-encryption AES256 Redirect headers content-length 0 date Sat, 16 Mar 2024 04:19:06 GMT location https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe
GET H2	200	/ insight.adsrvr.org/track/conv/	70 B 148 B	100ms 31ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/conv/?adv=ke0jjcx&ct=0:bhs1alf&fmt=3 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	/ insight.adsrvr.org/track/evnt/	70 B 148 B	101ms 32ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/evnt/?adv=ke0jjcx&ct=0:h9q6rcf&fmt=3 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947 adservice.google.com/ddm/fls/z/ Frame 103F	42 B 401 B	105ms 43ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947 Requested by Host: 6856376.fls.doubleclick.net URL: https://6856376.fls.doubleclick.net/activityi;dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6856376.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDY4NTYzNzYKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2JpYmFuay5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTog... ad.doubleclick.net/ddm/activity/ Frame 103F	0 2 KB	68ms 40ms	Image image/png	142.250.186.102 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDY4NTYzNzYKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2JpYmFuay5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTogOTQzMzEzMTA2MTU4MTQzMjA3MApjdGNfY29udmVyc2lvbl9idWNrZXQ6IDEKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2OTY3NjQ5CiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAzLTE2IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiA0MDkwMjE5NjIxMDcxNTI3NjcwCmdhaWFfbW9kZTogZmFsc2UK Requested by Host: 6856376.fls.doubleclick.net URL: https://6856376.fls.doubleclick.net/activityi;dc_pre=CL-V--b294QDFfZiQQIdPGwFVQ;src=6856376;type=invmedia;cat=utkwzl5s;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7065582696566.947? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6856376.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"4090219621071527670"}],"aggregatable_trigger_data":[{"filters":{"14":["6967649"]},"key_piece":"0xe5594149bec7ab0b","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xe0b7e8fa40425393","not_filters":{"14":["6967649"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6967649"]},"key_piece":"0xbfec7504382f91fd","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xb148f6cc0af8fee","not_filters":{"14":["6967649"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"9433131061581432070","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4090219621071527670","filters":{"14":["6967649"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"4090219621071527670","filters":{"14":["6967649"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"4090219621071527670","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"4090219621071527670","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["6856376"]}} x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	piwik.php analytics.loanspq.com/	43 B 159 B	537ms 537ms	Image image/gif	168.61.6.168 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.loanspq.com/piwik.php?action_name=www.bibank.com%2FHelping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&idsite=212&rec=1&r=742565&h=5&m=19&s=6&url=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&_id=886695ff21224ca8&_idts=1710562747&_idvc=1&_idn=0&_refts=0&_viewts=1710562747&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=535 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.61.6.168 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software envoy / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT server envoy content-length 43 content-type image/gif
GET H2	200	/ insight.adsrvr.org/track/pxl/ Frame 4DA4	70 B 148 B	31ms 31ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=ke0jjcx&ct=0:h9q6rcf&fmt=3 Requested by Host: d1eoo1tco6rr5e.cloudfront.net URL: https://d1eoo1tco6rr5e.cloudfront.net/ke0jjcx/h9q6rcf/iframe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://d1eoo1tco6rr5e.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	tc.min.js Show response c1.rfihub.net/js/	19 KB 6 KB	51ms 7ms	Script application/x-javascript	2600:9000:214f:400:1:76cf:fe80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.rfihub.net/js/tc.min.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:400:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:06:32 GMT content-encoding gzip via 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront) last-modified Sat, 16 Mar 2024 04:06:22 GMT server Jetty(9.4.51.v20230217) x-amz-cf-pop FRA53-C1 age 754 x-cache Hit from cloudfront content-type application/x-javascript p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control public, max-age=3600 content-length 6162 x-amz-cf-id QVr9TUonAReFCpZaK3YCvWoXDYcqW2BHkagT-Sfjxyl9_4lgtCY7Ww== expires Sat, 16 Mar 2024 05:06:32 GMT
GET H/1.1	200 OK	p13n.min.js Show response cdn.boomtrain.com/p13n/bank-independent/	92 KB 30 KB	458ms 414ms	Script application/javascript	18.172.112.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.boomtrain.com/p13n/bank-independent/p13n.min.js Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.172.112.123 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-172-112-123.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash efd668ae087fde9947b834d8b8ea31d6c7a2b2cd676d9104a36a6c352d2bc05f Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id WREIa4560U47vaxy6BBV7_c1LQab8_8k Content-Encoding gzip Via 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront) Date Sat, 16 Mar 2024 04:19:08 GMT X-Amz-Cf-Pop FRA60-P8 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache RefreshHit from cloudfront Connection keep-alive Last-Modified Thu, 14 Mar 2024 00:45:57 GMT Server AmazonS3 ETag W/"fc20e23ab0d1ce0aec6497aad64621ca" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=3600 X-Amz-Cf-Id o3S4IU88ORQYOU_ICHjrHh1gt69yx-l6zxw_Bh2VjXAQS2UYVnDf6A==
GET H2	200	player.module.js Show response f.vimeocdn.com/p/4.28.19/js/ Frame D2B6	576 KB 139 KB	7ms 6ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/js/player.module.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 11c774d490b4387dfaa0cf966b8bdcb71933784072e2ffd879b13c0ebdeeaacf Request headers Referer https://player.vimeo.com/ Origin https://player.vimeo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kjyo7100029-IAD, cache-fra-eddf8230094-FRA date Sat, 16 Mar 2024 04:19:06 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 131256 x-timer S1710562747.681928,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 141805 x-cache-hits 22, 2020
GET H2	200	vendor.module.js Show response f.vimeocdn.com/p/4.28.19/js/ Frame D2B6	418 KB 100 KB	9ms 8ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c1621a2bc759edda87d72a1a929432897cead8f4b080120d242a432f1c410ffa Request headers Referer https://player.vimeo.com/ Origin https://player.vimeo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kiad7000079-IAD, cache-fra-eddf8230094-FRA date Sat, 16 Mar 2024 04:19:06 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 131256 x-timer S1710562747.681990,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 102420 x-cache-hits 23, 44561
GET H2	200	player.css f.vimeocdn.com/p/4.28.19/css/ Frame D2B6	209 KB 22 KB	7ms 7ms	Stylesheet text/css	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.28.19/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1ce3d65c557d94ad5dccc7ea1faeedea3034fea95599e93a016ac54a7e891566 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kjyo7100093-IAD, cache-fra-eddf8230137-FRA date Sat, 16 Mar 2024 04:19:06 GMT content-encoding br via 1.1 varnish, 1.1 varnish age 131256 x-timer S1710562747.681980,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 22133 x-cache-hits 9, 45215
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame D2B6	1 KB 1 KB	8ms 8ms	Image image/avif	151.101.0.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5ae08c137a5838eead0696287a28c71d15209c5165866521c2ab4340fd3abb27 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1415471 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 1139 x-served-by cache-dfw-kdfw8210028-DFW, cache-fra-eddf8230085-FRA x-timer S1710562747.683001,VS0,VE0 etag "579e887a5abda8ef496a71aa2a6d4d20" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 21, 1
GET		Gotham-Bold_Web.woff fonts.bibank.com/hco_fonts/woff/	0 0
GET		Gotham-Medium_Web.woff fonts.bibank.com/hco_fonts/woff/	0 0
GET		Gotham-Light_Web.woff fonts.bibank.com/hco_fonts/woff/	0 0
GET		Gotham-Book_Web.woff fonts.bibank.com/hco_fonts/woff/	0 0
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame D2B6	2 KB 1 KB	6ms 6ms	Script application/javascript	146.75.118.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/134839839?color=b5cc9d&title=0&byline=0&portrait=0&api=1&player_id=vimeo_id_0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-served-by cache-iad-kiad7000106-IAD, cache-fra-eddf8230137-FRA date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 2158359 x-timer S1710562747.728888,VS0,VE0 vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 985 x-cache-hits 1, 217370
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame D2B6	23 KB 24 KB	7ms 7ms	Image image/avif	151.101.0.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=1200&mh=684 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/player.module.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 563bdf145c21eeace296d84a003ccd63957a2e85f6cc4fd6092a688f2f1708a4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1409082 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 24035 x-served-by cache-dfw-kdal2120056-DFW, cache-fra-eddf8230085-FRA x-timer S1710562747.732036,VS0,VE0 etag "59a5550a42b27aea81c31774eb0a98be" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 13, 1
GET H3	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame D2B6	4 KB 2 KB	62ms 61ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 16 Mar 2024 04:19:06 GMT
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame D2B6	0 40 B	106ms 106ms	Ping text/plain	34.120.202.204 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=7975a3c40c1b44cb2a66636e63f416752f49377c1710562746 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	oembed.json Show response vimeo.com/api/ Redirect Chain https://www.vimeo.com/api/oembed.json?url=https://vimeo.com/134839839&callback=vimeoCallback https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/134839839	1 KB 2 KB	315ms 315ms	Script application/javascript	162.159.128.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/134839839 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 808acbf7070e9c81cc9736e754cfe7e8df585fbeb82e136c2fd89ed61f68dc79 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-varnish-cache 0 Date Sat, 16 Mar 2024 04:19:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff CF-Cache-Status DYNAMIC content-encoding gzip age 0 content-security-policy-report-only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp X-Cache MISS, MISS via 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish Connection keep-alive x-vserver web-varnish-prod-varnish-12 Content-Length 593 x-xss-protection 1; mode=block x-ua-compatible IE=edge X-Served-By cache-iad-kcgs7200020-IAD, cache-fra-eddf8230055-FRA last-modified Fri, 15 Mar 2024 06:44:02 GMT Server cloudflare X-Timer S1710562747.936092,VS0,VE294 etag W/"4afa0c19438baecd9044403b9c108a47ab93dfcc-gzip" x-backend-proxy webproxy13 x-frame-options sameorigin Vary Accept-Encoding,x-http-method-override Content-Type application/javascript access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server pweb-56d8fd8dfc-xp9rt accept-ranges bytes CF-RAY 8651f1704ba11959-FRA access-control-allow-headers X-Requested-With X-Cache-Hits 0, 0 Redirect headers x-varnish-cache 0 Date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish CF-Cache-Status DYNAMIC age 0 Transfer-Encoding chunked X-Cache MISS, MISS Connection keep-alive x-vserver web-varnish-prod-varnish-13 X-Served-By cache-iad-kiad7000137-IAD, cache-fra-eddf8230040-FRA Server cloudflare X-Timer S1710562747.805825,VS0,VE104 x-backend-proxy webproxy14 Vary x-http-method-override Content-Type text/html; charset=iso-8859-1 Location https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/134839839 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server Accept-Ranges bytes CF-RAY 8651f16f6ebb5d82-FRA X-Cache-Hits 0, 0
GET H/1.1	200 OK	ca.html Show response 20848799p.rfihub.com/ Frame 993A	5 KB 5 KB	177ms 21ms	Document text/html	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20848799p.rfihub.com/ca.html?ver=9&rb=49565&ca=20848799&_o=49565&_t=20848799&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&pe=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&pf=&ra=18095301562936328 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 4131ed6a7697fdf1ce21b38839bf8c2f2951da3b2539fa9ca29588e931354147 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 4826 Content-Type text/html;charset=utf-8 Date Sat, 16 Mar 2024 04:19:06 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H/1.1	200 OK	ca.html Show response 20848799p.rfihub.com/ Frame 9AF0	5 KB 5 KB	179ms 24ms	Document text/html	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20848799p.rfihub.com/ca.html?ver=9&rb=49565&ca=20848799&_o=49565&_t=20848799&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&pe=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&pf=&ra=5769993085347589 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash f5850ca71e57bb83ac09e8e46c4d15ca3fc6beb4c4e3adb468314d1ee78af461 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 4826 Content-Type text/html;charset=utf-8 Date Sat, 16 Mar 2024 04:19:06 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H/1.1	200 OK	ca.html Show response 20848799p.rfihub.com/ Frame F5EF	5 KB 5 KB	177ms 22ms	Document text/html	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20848799p.rfihub.com/ca.html?ver=9&rb=49565&ca=20848799&_o=49565&_t=20848799&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&pe=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&pf=&ra=782880122566666 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 37c3ecd04909a4b8d9c7f1068cb3bba270ccb5ce1dbb1008d1f73a11af75940e Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 4826 Content-Type text/html;charset=utf-8 Date Sat, 16 Mar 2024 04:19:06 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H3	200	cast_framework.js Show response www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame D2B6	35 KB 12 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12197 x-xss-protection 0 last-modified Mon, 14 Nov 2022 23:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="chrome-dongle" vary Accept-Encoding report-to {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]} content-type text/javascript cache-control private, max-age=0 accept-ranges bytes expires Sat, 16 Mar 2024 04:19:06 GMT
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/122/ Frame D2B6	50 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/122/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 17:54:12 GMT content-encoding gzip x-content-type-options nosniff age 37494 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14711 x-xss-protection 0 last-modified Mon, 15 Jan 2024 16:03:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Sat, 16 Mar 2024 17:54:12 GMT
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame D2B6	23 KB 24 KB	7ms 6ms	Image image/avif	151.101.0.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=1200&mh=684 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 563bdf145c21eeace296d84a003ccd63957a2e85f6cc4fd6092a688f2f1708a4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1409082 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 24035 x-served-by cache-dfw-kdal2120056-DFW, cache-fra-eddf8230085-FRA x-timer S1710562747.832382,VS0,VE0 etag "59a5550a42b27aea81c31774eb0a98be" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 13, 2
GET H2	200	641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d i.vimeocdn.com/video/ Frame D2B6	1 KB 1 KB	6ms 6ms	Image image/avif	151.101.0.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/641336650-d02807c3146fdf5725df50954857500da7a4a9f49c69e27c92b3b90101ae4f02-d?mw=80&q=85 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.28.19/js/vendor.module.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5ae08c137a5838eead0696287a28c71d15209c5165866521c2ab4340fd3abb27 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 1415471 x-viewmaster-lossless-format automatic x-cache HIT, HIT content-length 1139 x-served-by cache-dfw-kdfw8210028-DFW, cache-fra-eddf8230085-FRA x-timer S1710562747.841088,VS0,VE0 etag "579e887a5abda8ef496a71aa2a6d4d20" access-control-max-age 86400 vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control max-age=2592000 accept-ranges bytes x-cache-hits 21, 2
GET H2	451	501709.gif idsync.rlcdn.com/ Frame 993A Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329530831851948&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424281627578&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a2... https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.0235786	0 42 B	15ms 15ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.0235786 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.0235786 content-length 445 x-amz-cf-id aYBbpUzOpb_A3m0ki2IYz3UHpQYizMeL1CelpWQEfafdyngU8rihsA==
GET H2	200	pixel cm.g.doubleclick.net/ Frame 993A	170 B 409 B	55ms 16ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUzMDgzMTg1MTk0OA==&forward= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 993A Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5133329530831851948 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329530831851948	43 B 1 KB	15ms 12ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329530831851948 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT an-x-request-uuid e7a9d3de-2714-41df-b659-5f75802ae155 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT an-x-request-uuid 15481495-989e-427e-88c1-da97381c75c7 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329530831851948 cache-control no-store, no-cache, private x-proxy-origin 45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame 993A Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329530831851948&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329530831851948&redir=	42 B 719 B	34ms 34ms	Image image/gif	52.210.135.107 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329530831851948&redir= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 52.210.135.107 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-135-107.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v058-0a2ec7727.edge-irl1.demdex.com 2 ms pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid 2dHm8tZlRS4= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-2-v058-04f22ed8f.edge-irl1.demdex.com 0 ms pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid byhVeKd6QJg= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329530831851948&redir= cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 993A	0 225 B	73ms 12ms	Image text/html	198.47.127.205 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5133329530831851948&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Sat, 16 Mar 2024 04:19:06 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 993A	43 B 264 B	39ms 15ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329530831851948&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 993A Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0	0 344 B	53ms 8ms	Image text/plain	3.125.70.222 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-125-70-222.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:07 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0 Date Sat, 16 Mar 2024 04:19:07 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame 993A	57 B 644 B	139ms 62ms	Image image/gif	23.38.200.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329530831851948 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.200.22 Oslo, Norway, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-38-200-22.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Sat, 16 Mar 2024 04:19:07 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store alt-svc h3=":443"; ma=93600 content-length 57 x-mnet-hl2 E expires Sat, 16 Mar 2024 04:19:07 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 993A	43 B 109 B	342ms 117ms	Image image/gif	3.224.131.173 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5133329530831851948 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.224.131.173 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-131-173.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 993A Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530831851948&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530831851948&forward=&C=1	43 B 625 B	26ms 20ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329530831851948&forward=&C=1 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51LWH7xPMa8eA6FcE0GNXJYXzM%2BUfpjIa2RfRwUKBVN0bHQvKDRAeFvlwT%2FExGJwBNLapweVuZow42lqSjJ6j8HngRyBmEy27XD3dcrDmFGbyPliXM%2BDqLVa0rp978FZ76O1c1V%2BQTmDpg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8651f170cf72362a-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHML7sSBbx5obBL%2BqiB6lSIPxa8B3dZdJvqSCjmH%2FDA5YBM7VnjVjfCgTPpuUhrH79b5leDhz6Fq%2By96En%2Fv6Em1174kGHQOId1fiAZOhnAj9RpXenKj%2FNpS6plfR4KwC6DcNS1y87zK%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5133329530831851948&forward=&C=1 cache-control no-cache cf-ray 8651f1709f4c362a-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame 993A	0 98 B	47ms 21ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5133329530831851948 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 993A	43 B 182 B	1045ms 663ms	Image image/gif	23.38.201.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329530831851948 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.201.22 Oslo, Norway, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-38-201-22.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Sat, 16 Mar 2024 04:19:08 GMT pragma no-cache date Sat, 16 Mar 2024 04:19:08 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif
GET H2	200	sync partners.tremorhub.com/ Frame 993A	43 B 174 B	340ms 96ms	Image image/gif	2600:1f18:612b:4280:349b:e07b:bf46:1d2a AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5133329530831851948&r=JNS_wOXHCzXO Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4280:349b:e07b:bf46:1d2a Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Sat, 16 Mar 2024 04:19:07 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 993A	43 B 376 B	56ms 9ms	Image image/gif	35.156.198.244 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329530831851948 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.198.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-198-244.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame 993A	43 B 235 B	84ms 16ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329530831851948&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:07 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 993A Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfUduwAABm-IRQAo https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwAABm-IRQAo&_test=ZfUduwAABm-IRQAo	42 B 974 B	15ms 15ms	Image image/gif	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwAABm-IRQAo&_test=ZfUduwAABm-IRQAo Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/gif Date Sat, 16 Mar 2024 04:19:07 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230054-FRA pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 varnish server Varnish x-timer S1710562747.211522,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwAABm-IRQAo&_test=ZfUduwAABm-IRQAo cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	match ps.eyeota.net/ Frame F5EF Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0	0 344 B	53ms 8ms	Image text/plain	3.125.70.222 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-125-70-222.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:07 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0 Date Sat, 16 Mar 2024 04:19:07 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	cm p.rfihub.com/ Frame F5EF Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfUduwAAAoirUgA9 https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwAAAoirUgA9&_test=ZfUduwAAAoirUgA9	42 B 974 B	17ms 15ms	Image image/gif	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwAAAoirUgA9&_test=ZfUduwAAAoirUgA9 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/gif Date Sat, 16 Mar 2024 04:19:07 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230054-FRA pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 varnish server Varnish x-timer S1710562747.112440,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwAAAoirUgA9&_test=ZfUduwAAAoirUgA9 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	451	501709.gif idsync.rlcdn.com/ Frame F5EF Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433833071439910&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424281627578&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a2... https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.03008	0 9 B	16ms 15ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.03008 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.03008 content-length 441 x-amz-cf-id ikIVkO2GVwtGKsSNVlNwpDOoItOnhNXXEcRbyQWvgEmi--16vtGAeQ==
GET H2	200	pixel cm.g.doubleclick.net/ Frame F5EF	170 B 232 B	50ms 18ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgzMzA3MTQzOTkxMA==&forward= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame F5EF Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5107433833071439910 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433833071439910	43 B 1 KB	16ms 10ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433833071439910 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT an-x-request-uuid 92ef4347-1598-4e98-96cb-8927d9bf4094 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT an-x-request-uuid 708fe423-d16d-4768-9c55-9d1eeb67dd28 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433833071439910 cache-control no-store, no-cache, private x-proxy-origin 45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame F5EF Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5107433833071439910&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433833071439910&redir=	42 B 719 B	33ms 33ms	Image image/gif	52.210.135.107 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433833071439910&redir= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 52.210.135.107 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-135-107.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers dcs dcs-prod-irl1-2-v058-0bfcb77d5.edge-irl1.demdex.com 2 ms pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid Vk8uZrMfQCc= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-2-v058-0eb8fe7c0.edge-irl1.demdex.com 0 ms pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid vq8dKIeITog= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433833071439910&redir= cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame F5EF	0 74 B	66ms 13ms	Image text/html	198.47.127.205 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5107433833071439910&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Sat, 16 Mar 2024 04:19:06 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame F5EF	43 B 97 B	34ms 16ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5107433833071439910&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame F5EF	57 B 644 B	131ms 60ms	Image image/gif	23.38.200.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5107433833071439910 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.200.22 Oslo, Norway, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-38-200-22.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Sat, 16 Mar 2024 04:19:07 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store alt-svc h3=":443"; ma=93600 content-length 57 x-mnet-hl2 E expires Sat, 16 Mar 2024 04:19:07 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame F5EF	43 B 108 B	354ms 135ms	Image image/gif	3.224.131.173 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5107433833071439910 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.224.131.173 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-131-173.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	rum dsum-sec.casalemedia.com/ Frame F5EF Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433833071439910&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433833071439910&forward=&C=1	43 B 556 B	24ms 23ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433833071439910&forward=&C=1 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5KfoHg6jrnUiPKnwoUjJ0cmC3BYY9AEo%2FfYIhhXu5ukiovlpG9CPCua51WaCJWtCM40sbsSf6AHW%2BOKM2rjWF0XcdOWze9ZTxwFJn9DJAKiFSC5WB8amyPjHOsHisQam5BpMphexnhG1Zg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8651f170bf69362a-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CI7dYIw%2FwL3cv%2FPcTfeoMko96cLnulLDOyI2ehKvsux6B5%2BBnB06OjoxxmWFZSK8CG%2FO%2BB1yxXU6tgk3Uy4vHvtRNk2PGBzCJ9RGHhBSwmj%2BNKUmCZDWBuWpJukc0OjxoLUYmgI8%2FLafVw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5107433833071439910&forward=&C=1 cache-control no-cache cf-ray 8651f1709f4a362a-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame F5EF	0 42 B	17ms 17ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5107433833071439910 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET		rocketfuel_sync x.dlx.addthis.com/e/ Frame F5EF	0 0
GET H2	200	sync partners.tremorhub.com/ Frame F5EF	43 B 175 B	327ms 94ms	Image image/gif	2600:1f18:612b:4280:349b:e07b:bf46:1d2a AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5107433833071439910&r=I3-rCYkXoXAr Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4280:349b:e07b:bf46:1d2a Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Sat, 16 Mar 2024 04:19:07 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame F5EF	43 B 377 B	45ms 7ms	Image image/gif	35.156.198.244 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5107433833071439910 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.198.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-198-244.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame F5EF	43 B 235 B	77ms 15ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433833071439910&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:07 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 9AF0 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0	0 344 B	52ms 7ms	Image text/plain	3.125.70.222 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-125-70-222.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:07 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5134455424281627578&bid=omt9pi0 Date Sat, 16 Mar 2024 04:19:07 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 9AF0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZfUduwABKSprzQAe https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwABKSprzQAe&_test=ZfUduwABKSprzQAe	42 B 974 B	15ms 15ms	Image image/gif	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwABKSprzQAe&_test=ZfUduwABKSprzQAe Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/gif Date Sat, 16 Mar 2024 04:19:07 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230054-FRA pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 varnish server Varnish x-timer S1710562747.180974,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZfUduwABKSprzQAe&_test=ZfUduwABKSprzQAe cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	451	501709.gif idsync.rlcdn.com/ Frame 9AF0 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424281627578&referrer=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a23c-fcaae86b... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455424281627578&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee1e1fc6-b2d9-451f-a2... https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.038801	0 9 B	16ms 16ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.038801 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Sat, 16 Mar 2024 04:19:07 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=ee1e1fc6-b2d9-451f-a23c-fcaae86b9810%3A1710562746.586731&_=1710562747.038801 content-length 443 x-amz-cf-id Re-ppWWINdzR2CkMib544PbfYWJU90eb8hmKTmjEhynAozBn2yfxAQ==
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9AF0	170 B 232 B	41ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQyNDI4MTYyNzU3OA==&forward= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 9AF0 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5134455424281627578 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455424281627578	43 B 1 KB	13ms 13ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455424281627578 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT an-x-request-uuid 9a50ea60-fb66-4e99-8fc6-983244e5e092 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT an-x-request-uuid d17a14c6-b29f-4d62-ab5d-e3e20f935822 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455424281627578 cache-control no-store, no-cache, private x-proxy-origin 45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame 9AF0 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455424281627578&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455424281627578&redir=	42 B 719 B	35ms 35ms	Image image/gif	52.210.135.107 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455424281627578&redir= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 52.210.135.107 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-135-107.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v058-00221f726.edge-irl1.demdex.com 2 ms pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid zgavl8MQQSA= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-1-v058-061dbf0bc.edge-irl1.demdex.com 0 ms pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid Ma2VFPefRyI= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455424281627578&redir= cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 9AF0	0 74 B	59ms 13ms	Image text/html	198.47.127.205 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5134455424281627578&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Sat, 16 Mar 2024 04:19:06 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 9AF0	43 B 97 B	26ms 16ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455424281627578&r= Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame 9AF0	57 B 644 B	123ms 60ms	Image image/gif	23.38.200.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5134455424281627578 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.200.22 Oslo, Norway, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-38-200-22.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Sat, 16 Mar 2024 04:19:07 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store alt-svc h3=":443"; ma=93600 content-length 57 x-mnet-hl2 E expires Sat, 16 Mar 2024 04:19:07 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 9AF0	43 B 108 B	348ms 137ms	Image image/gif	3.224.131.173 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5134455424281627578 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.224.131.173 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-131-173.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 9AF0 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424281627578&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424281627578&forward=&C=1	43 B 432 B	27ms 21ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455424281627578&forward=&C=1 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Server 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gW7xKco%2F1BqDuWxzpKXujiqG%2BS3qxBn%2BYcbvp8xAsrzkGFoIFGz11%2B%2BTmVE7dJm5FokjUDLThMvDL0g46RqOGpaT1vn21UTQjiSRgllr5vZBJkaYW%2B%2FG%2BhbHuIdrz5M7y6TtC0N9TzJBg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8651f170cf73362a-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 16 Mar 2024 04:19:06 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbNvD8BDR2PaqVcu36IkKGoBhos68%2F2ry7JV2jKEaeae1ZguhTs7kAD4Y95wTc1dwwnyS2NSXnaycDKJq3K95YGpIKYhiNFOAAnBk3TNl%2F9X36kI8WcUwjrKYLlGobVuVKeRJCyiP4Ny3w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5134455424281627578&forward=&C=1 cache-control no-cache cf-ray 8651f1709f4d362a-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame 9AF0	0 42 B	17ms 17ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5134455424281627578 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:06 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 9AF0	43 B 182 B	706ms 324ms	Image image/gif	23.38.201.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5134455424281627578 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.201.22 Oslo, Norway, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-38-201-22.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Sat, 16 Mar 2024 04:19:07 GMT pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif
GET H2	200	sync partners.tremorhub.com/ Frame 9AF0	43 B 174 B	328ms 95ms	Image image/gif	2600:1f18:612b:4280:349b:e07b:bf46:1d2a AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5134455424281627578&r=jk6RyyxN9Y_z Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4280:349b:e07b:bf46:1d2a Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Sat, 16 Mar 2024 04:19:07 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 9AF0	43 B 376 B	41ms 8ms	Image image/gif	35.156.198.244 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5134455424281627578 Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.198.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-198-244.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:07 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame 9AF0	43 B 235 B	81ms 16ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455424281627578&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: www.bibank.com URL: https://www.bibank.com/helping-hands-foundation Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20848799p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:07 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	visit Show response kernel-serve.banno.com/institutions/92ce25e0-a282-11e5-bf0f-3c15c2cdd5dc/profiles/12ffa50f-e8af-4974-afa7-c8dc9be677b8/	0 120 B	124ms 124ms	Script application/javascript	34.72.178.159 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://kernel-serve.banno.com/institutions/92ce25e0-a282-11e5-bf0f-3c15c2cdd5dc/profiles/12ffa50f-e8af-4974-afa7-c8dc9be677b8/visit?keywords=&url=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation Requested by Host: kernel-serve.banno.com URL: https://kernel-serve.banno.com/kernel.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.72.178.159 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 159.178.72.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:07 GMT cache-control no-cache, no-store, max-age=0 strict-transport-security max-age=15724800 content-length 0 content-type application/javascript
POST H/1.1	200 OK	pixel.gif pixel.alpharank.io/	35 B 545 B	600ms 171ms	Ping application/octet-stream	52.88.183.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.alpharank.io/pixel.gif?id=51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1&duid=4.32.4-x21g8biz-lttkw6wz&fp=f3908d2a4a8efce077b4610a82acc449&ev=pageload&v=4.32.4&dl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&ts=1710562746503&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&bn=Chrome%20122&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36&tz=-60 Requested by Host: api.alpharank.io URL: https://api.alpharank.io/api/pixel/script/51b9390000f9e0844fbebf13ecd030a8c03d41202476360c69dcc52c5fcdc6c1?c=n&t=1710633600000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.183.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-183-153.us-west-2.compute.amazonaws.com Software nginx/1.12.2 / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:07 GMT Server nginx/1.12.2 X-Powered-By Express ETag W/"23-X71HIiL+uKIs9biqXcW44Tr4jis" Content-Type application/octet-stream Access-Control-Allow-Origin https://www.bibank.com Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 35
GET H/1.1	200 OK	resolve Show response people.api.boomtrain.com/identify/	150 B 465 B	444ms 137ms	XHR application/json	54.146.234.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiZWUxZTFmYzYtYjJkOS00NTFmLWEyM2MtZmNhYWU4NmI5ODEwOjE3MTA1NjI3NDYuNTg2NzMxIn19&site_id=bank-independent Requested by Host: cdn.boomtrain.com URL: https://cdn.boomtrain.com/p13n/bank-independent/p13n.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.146.234.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-146-234-103.compute-1.amazonaws.com Software nginx / Resource Hash 499e4f800cc052bb32bc8a55b57771ddbf65d2563e487eafd2e846e7bb8d1d33 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:07 GMT Server nginx Access-Control-Allow-Methods GET,PUT,POST,DELETE Content-Type application/json Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers X-Requested-With,Content-Type,Authorization,x-app-id Content-Length 150
POST H2	200	track Show response events.api.boomtrain.com/event/	2 B 209 B	314ms 106ms	XHR text/plain	34.196.108.78 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.api.boomtrain.com/event/track Requested by Host: cdn.boomtrain.com URL: https://cdn.boomtrain.com/p13n/bank-independent/p13n.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.196.108.78 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-196-108-78.compute-1.amazonaws.com Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://www.bibank.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sat, 16 Mar 2024 04:19:07 GMT server nginx access-control-allow-headers X-Requested-With, Content-Type, Authorization, x-app-id content-length 2 access-control-allow-methods GET, PUT, POST, DELETE content-type text/plain
GET H/1.1	200 OK	pstats.html Show response a.rfihub.com/ Frame AB7D	26 B 830 B	58ms 15ms	Document text/html	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://a.rfihub.com/pstats.html?rb=49565&ca=20848799&ri=19f07ee9fb59241c6d3a8125881787bd&stats=undefined&ra=46478515371268236 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623 Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 26 Content-Type text/html;charset=iso-8859-1 Date Sat, 16 Mar 2024 04:19:08 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H2	200	377014.js Show response js-na1.hs-scripts.com/	2 KB 1 KB	164ms 19ms	Script application/javascript	2606:4700::6810:be59
General Check archive.org Show headers Download Go to Full URL https://js-na1.hs-scripts.com/377014.js Requested by Host: js.hs-analytics.net URL: https://js.hs-analytics.net/analytics/1710562800000/377014.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:be59 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash fb1e19cc2cbb1e4498f32d0ef15093f8e7caf1d31ef5ef10af6b01f37816f133 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:11 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-hubspot-correlation-id 3dbe55b9-c823-4451-a80c-8671e50a6243 x-evy-trace-route-service-name envoyset-translator cf-polished origSize=1982 age 3693 x-envoy-upstream-service-time 12 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 3dbe55b9-c823-4451-a80c-8671e50a6243 cf-bgj minify last-modified Sat, 16 Mar 2024 03:17:38 GMT server cloudflare x-trace 2B552A5EE033C8CAEA20BD523DA5DB48D79983F9ED000000000000000000 access-control-max-age 3600 vary origin, Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.bibank.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-59d6fb747d-dx9pw x-evy-trace-virtual-host all access-control-allow-credentials true cf-ray 8651f18ebd7a65b0-FRA
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	279ms 135ms	Image image/gif	2606:4700::6813:9a53
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=554772544&v=1.1&a=377014&pu=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&t=Helping+Hands+Foundation+%E2%80%BA+Bank+Independent&cts=1710562751642&vi=ed07c8955438af71a31ad80010d340ab&nc=true&ce=false&cc=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:11 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 245eadf6-4ea0-45ed-87b9-e9f81c8271b6 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 11 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 245eadf6-4ea0-45ed-87b9-e9f81c8271b6 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ScK114JT1JiZtVl5VP9pfySOa9RS5K16BZEPGLMSoexKLyCUoQHcf3hGhGZsg0V023nlKKd%2F9B5kIg9srf0cKJyvi10tdJgz3CawOjLQqZvUXTg%2B5Ugi8jMM3uGRlzLZBhqkHFYMDj5lMrRLdZeS"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-m8f89 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8651f18ebdc83a60-FRA x-robots-tag none
GET H2	200	cv Show response adservices.brandcdn.com/pixel/ Frame F62E	4 KB 2 KB	153ms 153ms	Document text/html	52.9.76.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adservices.brandcdn.com/pixel/cv?aid=258243&cv_ck=6e1581a6-bf88-4133-8adb-57218ea8b0bc&m=www.bibank.com&r= Requested by Host: adservices.brandcdn.com URL: https://adservices.brandcdn.com/pixel/cv_pixel.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.9.76.143 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-9-76-143.us-west-1.compute.amazonaws.com Software Apache/2.4.52 (Ubuntu) / Resource Hash 6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe Request headers Referer https://www.bibank.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 1137 content-location cv.html content-type text/html date Sat, 16 Mar 2024 04:19:11 GMT etag "1002-5f9d69bae4944;5f9d69bae4944 last-modified Fri, 21 Apr 2023 11:03:33 GMT server Apache/2.4.52 (Ubuntu) tcn choice vary negotiate,Accept-Encoding
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	14ms 14ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1723603127&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&ul=en-us&de=UTF-8&dt=Helping%20Hands%20Foundation%20%E2%80%BA%20Bank%20Independent&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25&el=%2Fhelping-hands-foundation&_u=aGDACEABBAAAAGAAI~&jid=1365145300&gjid=1650006436&cid=97240971.1710562746&tid=UA-24666000-1&_gid=951159218.1710562746&_r=1&gtm=45He43d0n81NXP8N22v78288638za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=905066107 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bibank.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	19ms 18ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-24666000-1&cid=97240971.1710562746&jid=1365145300&gjid=1650006436&_gid=951159218.1710562746&npa=1&_u=aGDACEABBAAAAGAAI~&z=800164921 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bibank.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 16 Mar 2024 04:19:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bibank.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	17ms 16ms	Image image/gif	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24666000-1&cid=97240971.1710562746&jid=1365145300&npa=1&_u=aGDACEABBAAAAGAAI~&z=294808249 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	18ms 17ms	Image image/gif	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24666000-1&cid=97240971.1710562746&jid=1365145300&npa=1&_u=aGDACEABBAAAAGAAI~&z=294808249 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sat, 16 Mar 2024 04:19:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	banner.js Show response js.hs-banner.com/v2/377014/	70 KB 23 KB	343ms 309ms	Script text/javascript	2606:4700:4400::6812:22e5
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/377014/banner.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/377014.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:22e5 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 41da77372d714215b3f533a8ab16fcc007ba0a0f2e86fd06a36688b68962427c Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:12 GMT x-amz-version-id CPNch2etDbguxMtFm1Xo7PS06X3RvJwK content-encoding br cf-cache-status REVALIDATED x-amz-request-id 8FJ5GJDK1DJ293DV x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id dab33d02-643c-4d62-958a-e0c3d63f2a5b x-envoy-upstream-service-time 83 x-amz-id-2 vt2oNuTOfDR6O+CUPqgEzrP7Az62E0KG1osYJIZgZk6ywRLZAq43kCUaQCqJdAajK+MAKoE1QlI= x-evy-trace-listener listener_https x-request-id dab33d02-643c-4d62-958a-e0c3d63f2a5b x-evy-trace-route-configuration listener_https/all last-modified Wed, 06 Mar 2024 15:17:14 GMT server cloudflare etag W/"a7bd4c48fe439a7ea830f9da48497468" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.bibank.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 8651f18f0e4d4d8b-FRA expires Sat, 16 Mar 2024 04:24:12 GMT
GET H2	200	web-interactives-embed.js Show response js.hubspot.com/	84 KB 25 KB	151ms 120ms	Script application/javascript	2606:4700::6813:9b53
General Check archive.org Show headers Download Go to Full URL https://js.hubspot.com/web-interactives-embed.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/377014.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 989d0ff16db0110879e677d9ef14c48e83b028831830566393225fb0c39fe2fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bibank.com/ Origin https://www.bibank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.932/bundles/project.js&cfRay=8651f18f0d699250-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"35c4e3d2f89657082d5372c7bc6e79d3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control max-age=600 x-hs-target-asset web-interactives-embed/static-2.932/bundles/project.js date Sat, 16 Mar 2024 04:19:11 GMT x-amz-version-id cAhbXPz2og2F4B.zBTxw9oB4G3dvep2P via 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 9b47b8ac-be36-4dcf-a071-3ea7c7ec3a6a x-cache Hit from cloudfront cache-tag staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 3 x-evy-trace-route-configuration listener_https/all x-request-id 9b47b8ac-be36-4dcf-a071-3ea7c7ec3a6a last-modified Wed, 28 Feb 2024 14:13:53 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y0wiRjIE4mDHq8EnU574iENZOoVJQEDPmVWX8NYlh0dx9uS3l5MxFxIjWiJd7nS1atu0DbYU0aVs8yodt49owfHJPgH9xt8IQJLqeLE%2FJZbA2F4RN2q55iIrWysdtrY0l%2FlNOQV9GnbQQZXq"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-576f9d768-2qqmj cf-ray 8651f18f0d699250-FRA x-amz-cf-id pa0WccbkryR449HedU5G6luoxSjOU6DRQpYynuJdmAVf6oHU2SXqcw==
GET H2	200	leadflows.js Show response js.hsleadflows.net/	551 KB 88 KB	173ms 140ms	Script application/javascript	2606:4700::6812:7b0c
General Check archive.org Show headers Download Go to Full URL https://js.hsleadflows.net/leadflows.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/377014.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:7b0c -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 3c32e9ab0ccedf342c2a0e71be3458af47d414cf533782f75089783785c4d4d1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bibank.com/ Origin https://www.bibank.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1329/bundle/main/lead-flows-release.js&cfRay=8651f18f09d75b7a-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"75205c986afbc5fe9256e7dd487bc55a" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=86400, max-age=0 x-hs-target-asset lead-flows-js/static-1.1329/bundle/main/lead-flows-release.js date Sat, 16 Mar 2024 04:19:11 GMT x-amz-version-id aoZ_DtvbO1o7fZaocTkGy0Zb3EXAIY7Q via 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status EXPIRED x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id ae18a56f-f97b-4f63-86df-ba42d4ce2c21 x-cache RefreshHit from cloudfront cache-tag staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod x-envoy-upstream-service-time 36 x-evy-trace-route-configuration listener_https/all x-request-id ae18a56f-f97b-4f63-86df-ba42d4ce2c21 last-modified Tue, 05 Mar 2024 09:54:53 UTC server cloudflare access-control-max-age 3000 x-hs-cache-status MISS x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-576f9d768-gjs7x cf-ray 8651f18f09d75b7a-FRA x-amz-cf-id JpD6c-mq_8TrlZ3m9eabTCu_nfB7crtI_dWNPICpv_iKsU_WbnuY3w==
GET H2	200	cv_confirm.png adservices.brandcdn.com/pixel/ Frame F62E	68 B 555 B	157ms 157ms	Image image/png	52.9.76.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adservices.brandcdn.com/pixel/cv_confirm.png?aid=258243&buid=6e1581a6-bf88-4133-8adb-57218ea8b0bc&m=www.bibank.com&r=&oid=11000497 Requested by Host: adservices.brandcdn.com URL: https://adservices.brandcdn.com/pixel/cv?aid=258243&cv_ck=6e1581a6-bf88-4133-8adb-57218ea8b0bc&m=www.bibank.com&r= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.9.76.143 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-9-76-143.us-west-1.compute.amazonaws.com Software Apache/2.4.52 (Ubuntu) / Resource Hash 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20 Request headers accept-language de-DE,de;q=0.9 Referer https://adservices.brandcdn.com/pixel/cv?aid=258243&cv_ck=6e1581a6-bf88-4133-8adb-57218ea8b0bc&m=www.bibank.com&r= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:12 GMT last-modified Fri, 21 Apr 2023 11:03:33 GMT server Apache/2.4.52 (Ubuntu) accept-ranges bytes etag "44-5f9d69bae4944" content-length 68 content-type image/png
GET H2	200	combinedConfigs Show response cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/	433 B 1 KB	311ms 292ms	Fetch application/json	2606:4700::6813:9b53
General Check archive.org Show headers Download Go to Full URL https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=377014&currentUrl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation&utk=ed07c8955438af71a31ad80010d340ab&__hstc=48259257.ed07c8955438af71a31ad80010d340ab.1710562751641.1710562751641.1710562751641.1&__hssc=48259257.1.1710562751641 Requested by Host: js.hubspot.com URL: https://js.hubspot.com/web-interactives-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 6fdbedbc-cdb6-4816-973d-32577ef906f0 content-encoding br x-envoy-upstream-service-time 10 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 6fdbedbc-cdb6-4816-973d-32577ef906f0 server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.bibank.com x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials true cache-control max-age=0, no-cache, no-store report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0Z7U7Pqasi4wdNvuzjlJuw50lYJ0sKSX9riPoToTZIpA4UzP7Dn%2BDA%2FM8JQmUjAMGYQsnSVdGLQLMhgyMf1tvF3bj6%2BYIhulfJ5SzZ5xmVFWYOBNXNj7T4rM9f%2FFr89LNLeiFe2qqGY1RwH5NRdxkOEjDjGHTbYjCY%3D"}],"group":"cf-nel","max_age":604800} x-robots-tag noindex, follow access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 8651f18ffdc99250-FRA x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-bfd765d7d-xtpfl
GET H2	200	json Show response forms.hubspot.com/lead-flows-config/v1/config/	178 B 1 KB	153ms 137ms	XHR application/json	2606:4700::6813:9b53
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=377014&utk=ed07c8955438af71a31ad80010d340ab&__hstc=48259257.ed07c8955438af71a31ad80010d340ab.1710562751641.1710562751641.1710562751641.1&__hssc=48259257.1.1710562751641&currentUrl=https%3A%2F%2Fwww.bibank.com%2Fhelping-hands-foundation Requested by Host: js.hsleadflows.net URL: https://js.hsleadflows.net/leadflows.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash f2e59baa6d66538e40679bc2e42a184ce12b315d26ae60e5ba68529545c49d10 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sat, 16 Mar 2024 04:19:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id c92d0ee9-ec60-40e7-b1db-90df6e5acd78 content-encoding br x-envoy-upstream-service-time 24 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c92d0ee9-ec60-40e7-b1db-90df6e5acd78 server cloudflare vary origin access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.bibank.com x-evy-trace-virtual-host all cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-bfd765d7d-5xsfj access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bekgXkgOfUzUCGymQHdRb6btzjcamTo%2BGVGl%2FwPvaymeSlGmWLT%2BeTBs8BITX9zoW7zhHBVtLE7AmZ8sNmXs2Ludd7tjX6CqL1tNYTP%2B3avfvlrwLuLA4QKBwrUoibZAbyzSugh6Jl6RkFvxdwtH"}],"group":"cf-nel","max_age":604800} x-robots-tag none access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 8651f1916e5a9250-FRA
GET H/1.1	200 OK	counters.gif perf-na1.hsforms.com/embed/v3/	35 B 1 KB	155ms 123ms	Image image/gif	2606:4700::6812:b07d
General Check archive.org Show headers Download Go to Show image Full URL https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b07d -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.bibank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 04:19:12 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status MISS x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id e5b61233-0cc8-4215-b693-86c361187d59 x-envoy-upstream-service-time 5 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id e5b61233-0cc8-4215-b693-86c361187d59 Last-Modified Sat, 16 Mar 2024 04:19:12 GMT Server cloudflare X-Trace 2BDBF34E399F0D50D3E81154B1A974539C866B9F26000000000000000000 Vary origin, Accept-Encoding Content-Type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-bfd765d7d-ndvzs Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false Accept-Ranges bytes X-Robots-Tag none CF-RAY 8651f1920da83624-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff2/Gotham-Bold_Web.woff2

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff2/Gotham-Book_Web.woff2

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff2/Gotham-Light_Web.woff2

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff2/Gotham-Medium_Web.woff2

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff/Gotham-Bold_Web.woff

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff/Gotham-Medium_Web.woff

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff/Gotham-Light_Web.woff

Domain

fonts.bibank.com

URL

https://fonts.bibank.com/hco_fonts/woff/Gotham-Book_Web.woff

Domain

x.dlx.addthis.com

URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5107433833071439910