public.websteronline.com Open in urlscan Pro
3.218.70.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.websterbank.com/?qs=4dd4c36656a00bab476bb53be70a4c3304ff1a3e3da5f71fa6dd003dd02dcb790f1a71b8d84ca3f239828e34968d...
Effective URL:
https://public.websteronline.com/commercial
Submission: On October 01 via api (October 1st 2021, 1:30:46 pm UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 71 IPs in 9 countries across 76 domains to perform 144 HTTP transactions. The main IP is 3.218.70.254, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is public.websteronline.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 20th 2020. Valid for: 2 years.

This is the only time public.websteronline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.23.189 13.111.23.189	22606 (EXACT-7) (EXACT-7)
2 12	3.218.70.254 3.218.70.254	14618 (AMAZON-AES) (AMAZON-AES)
2	12.216.193.69 12.216.193.69	39989 (WEBSTER-BANK) (WEBSTER-BANK)
1	13.108.250.6 13.108.250.6	14340 (SALESFORCE) (SALESFORCE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
2	12.216.193.68 12.216.193.68	39989 (WEBSTER-BANK) (WEBSTER-BANK)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	13.108.251.135 13.108.251.135	14340 (SALESFORCE) (SALESFORCE)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1 5	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	104.111.227.33 104.111.227.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21f... 2600:9000:21f3:9400:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	185.167.164.51 185.167.164.51	198622 (ADFORM) (ADFORM)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1	130.211.141.45 130.211.141.45	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	54.224.36.233 54.224.36.233	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7 7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 3	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 4	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.18.85.49 52.18.85.49	16509 (AMAZON-02) (AMAZON-02)
3	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.157.2.63 35.157.2.63	16509 (AMAZON-02) (AMAZON-02)
1 1	13.225.87.93 13.225.87.93	16509 (AMAZON-02) (AMAZON-02)
1	3.211.82.118 3.211.82.118	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4200:787a:99c3:22c2:11ca	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.158.92.16 18.158.92.16	16509 (AMAZON-02) (AMAZON-02)
2	54.195.112.3 54.195.112.3	16509 (AMAZON-02) (AMAZON-02)
2 3	3.123.161.47 3.123.161.47	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 8	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 16	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
2 3	52.57.38.160 52.57.38.160	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.157.138.20 35.157.138.20	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.184.95.242 18.184.95.242	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
4 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
3 3	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.211.146.69 52.211.146.69	16509 (AMAZON-02) (AMAZON-02)
1	52.218.80.20 52.218.80.20	16509 (AMAZON-02) (AMAZON-02)
1 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
5 6	139.162.146.37 139.162.146.37	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	51.77.65.171 51.77.65.171	16276 (OVH) (OVH)
1 1	145.239.1.221 145.239.1.221	16276 (OVH) (OVH)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	80.85.85.173 80.85.85.173	63949 (LINODE-AP...) (LINODE-AP Linode)
1 2	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.225.87.126 13.225.87.126	16509 (AMAZON-02) (AMAZON-02)
2 2	52.86.83.177 52.86.83.177	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.127.92.82 3.127.92.82	16509 (AMAZON-02) (AMAZON-02)
3 4	51.75.146.199 51.75.146.199	16276 (OVH) (OVH)
4 4	164.132.158.126 164.132.158.126	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:20e... 2600:9000:20eb:0:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	13.110.71.224 13.110.71.224	14340 (SALESFORCE) (SALESFORCE)
144	71

1 13.111.23.189 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email.websterbank.com

click.email.websterbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.218.70.254 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-70-254.compute-1.amazonaws.com

public.websteronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 12.216.193.69 (New Haven, United States)

ASN39989 (WEBSTER-BANK, US)

static.websteronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.108.250.6 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl5-ord.la1-c1cs-ord.salesforceliveagent.com

c.la1-c1cs-ord.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 12.216.193.68 (New Haven, United States)

ASN39989 (WEBSTER-BANK, US)

www.websteronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.108.251.135 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl8-ord.la1-c2-ord.salesforceliveagent.com

d.la1-c2-ord.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.227.33 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-227-33.deploy.static.akamaitechnologies.com

libs.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tmscdn.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:9400:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.51 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.141.45 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 45.141.211.130.bc.googleusercontent.com

tn.alphonso.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20825635p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.36.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-36-233.compute-1.amazonaws.com

data.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.85.49 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.2.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-2-63.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.93 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-93.fra2.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.82.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-82-118.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:787a:99c3:22c2:11ca (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.92.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.112.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-112-3.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.123.161.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-161-47.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.6.245 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.38.160 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.138.20 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-138-20.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.95.242 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.143.3 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.146.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-146-69.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.80.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.162.146.37 (Frankfurt am Main, Germany) 5 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1413-37.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.171 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags10.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.1.221 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: adn22.smartstream.tv

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.85.85.173 (London, United Kingdom) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li749-173.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-126.fra2.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.83.177 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-83-177.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.92.82 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-82.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.146.199 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: p12.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 164.132.158.126 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip126.ip-164-132-158.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:0:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.71.224 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl8-ncg1-c6-iad5.la4-c2-ia5.salesforceliveagent.com

d.la4-c2-ia5.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	adform.net 4 redirects a2.adform.net s2.adform.net c1.adform.net dmp.adform.net	40 KB
16	websteronline.com 2 redirects public.websteronline.com static.websteronline.com www.websteronline.com	1 MB
13	tiqcdn.com tags.tiqcdn.com	49 KB
8	mathtag.com 2 redirects pixel.mathtag.com	7 KB
8	doubleclick.net 7 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
8	typekit.net use.typekit.net p.typekit.net	219 KB
7	adsafety.net 6 redirects cm.adsafety.net tags.adsafety.net	12 KB
7	coremetrics.com libs.coremetrics.com data.coremetrics.com tmscdn.coremetrics.com	52 KB
6	rfihub.com 2 redirects 20825635p.rfihub.com a.rfihub.com p.rfihub.com	9 KB
5	semasio.net 4 redirects uipglob.semasio.net	3 KB
5	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	rlcdn.com 1 redirects di.rlcdn.com idsync.rlcdn.com	1 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
4	id5-sync.com 3 redirects id5-sync.com	6 KB
4	exelator.com 3 redirects loadm.exelator.com load77.exelator.com loada.exelator.com	3 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
3	360yield.com 2 redirects ad.360yield.com ice.360yield.com	1 KB
3	bidswitch.net 2 redirects x.bidswitch.net	1016 B
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com	3 KB
3	eyeota.net ps.eyeota.net	1 KB
3	demdex.net 2 redirects dpm.demdex.net	3 KB
3	bluekai.com 1 redirects stags.bluekai.com tags.bluekai.com	1 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	bing.com bat.bing.com	10 KB
3	googletagmanager.com www.googletagmanager.com	126 KB
3	salesforceliveagent.com c.la1-c1cs-ord.salesforceliveagent.com d.la1-c2-ord.salesforceliveagent.com d.la4-c2-ia5.salesforceliveagent.com	43 KB
2	3lift.com 1 redirects eb2.3lift.com	718 B
2	tapad.com 2 redirects pixel.tapad.com	906 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	579 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	audrte.com 2 redirects a.audrte.com	2 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	913 B
2	smartstream.tv 2 redirects ads.smartstream.tv cm.smartstream.tv	1 KB
2	onaudience.com 1 redirects pixel.onaudience.com	733 B
2	openx.net 1 redirects eu-u.openx.net	470 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	1017 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	679 B
2	adscale.de 2 redirects ih.adscale.de	693 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	607 B
2	krxd.net beacon.krxd.net	675 B
2	agkn.com 1 redirects aa.agkn.com	577 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	453 B
2	facebook.net connect.facebook.net	94 KB
2	youtube.com www.youtube.com	46 KB
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	240 B
1	teads.tv sync.teads.tv	172 B
1	userreport.com pdw-adf.userreport.com	476 B
1	pubmatic.com simage2.pubmatic.com	543 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net	406 B
1	mgid.com cm.mgid.com	853 B
1	stickyadstv.com ads.stickyadstv.com	712 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	yieldlab.net ad.yieldlab.net	522 B
1	seadform.net a1.seadform.net	344 B
1	tremorhub.com partners.tremorhub.com	183 B
1	addthis.com x.dlx.addthis.com	191 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	788 B
1	serving-sys.com bs.serving-sys.com	105 B
1	media.net contextual.media.net	696 B
1	google.de www.google.de	569 B
1	google.com www.google.com	569 B
1	facebook.com www.facebook.com	426 B
1	googleadservices.com www.googleadservices.com	14 KB
1	alphonso.tv tn.alphonso.tv	271 B
1	rfihub.net c1.rfihub.net	6 KB
1	nr-data.net bam-cell.nr-data.net	930 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	websterbank.com 1 redirects click.email.websterbank.com	232 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
144	76

	Domain	Requested by
13	tags.tiqcdn.com	public.websteronline.com tags.tiqcdn.com
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
12	public.websteronline.com	2 redirects public.websteronline.com
8	pixel.mathtag.com	2 redirects a2.adform.net pixel.mathtag.com
7	cm.g.doubleclick.net	7 redirects
7	use.typekit.net	public.websteronline.com use.typekit.net
6	cm.adsafety.net	5 redirects c1.adform.net
5	uipglob.semasio.net	4 redirects c1.adform.net
4	cookie-matching.mediarithmics.com	4 redirects
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	match.adsrvr.org	4 redirects
4	idsync.rlcdn.com	1 redirects c1.adform.net
4	p.rfihub.com	2 redirects
4	a2.adform.net	2 redirects a2.adform.net
4	libs.coremetrics.com	tags.tiqcdn.com libs.coremetrics.com tmscdn.coremetrics.com
3	x.bidswitch.net	2 redirects
3	dsum-sec.casalemedia.com	1 redirects c1.adform.net
3	ps.eyeota.net	c1.adform.net
3	dpm.demdex.net	2 redirects
3	ib.adnxs.com	2 redirects
3	www.google-analytics.com	www.googletagmanager.com
3	bat.bing.com	tags.tiqcdn.com bat.bing.com
3	www.googletagmanager.com	tags.tiqcdn.com www.googletagmanager.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	a.audrte.com	2 redirects
2	secure.adnxs.com	1 redirects c1.adform.net
2	dsp.adfarm1.adition.com	2 redirects
2	pixel.onaudience.com	1 redirects c1.adform.net
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	c1.adform.net
2	aa.agkn.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	tmscdn.coremetrics.com	libs.coremetrics.com tmscdn.coremetrics.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	www.websteronline.com	static.websteronline.com
2	www.youtube.com	public.websteronline.com www.youtube.com
2	static.websteronline.com	public.websteronline.com
1	d.la4-c2-ia5.salesforceliveagent.com	c.la1-c1cs-ord.salesforceliveagent.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	cm.smartstream.tv	1 redirects
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	loada.exelator.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	load77.exelator.com	c1.adform.net
1	cm.mgid.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net
1	partners.tremorhub.com
1	x.dlx.addthis.com
1	bpi.rtactivate.com
1	live.rezync.com	1 redirects
1	bs.serving-sys.com
1	contextual.media.net
1	pixel.rubiconproject.com
1	stags.bluekai.com	1 redirects
1	a.rfihub.com
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.facebook.com
1	www.googleadservices.com	www.googletagmanager.com
1	data.coremetrics.com
1	20825635p.rfihub.com	c1.rfihub.net
1	tn.alphonso.tv
1	s2.adform.net
1	c1.rfihub.net	tags.tiqcdn.com
1	di.rlcdn.com	tags.tiqcdn.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	d.la1-c2-ord.salesforceliveagent.com	c.la1-c1cs-ord.salesforceliveagent.com
1	js-agent.newrelic.com	public.websteronline.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	public.websteronline.com
1	c.la1-c1cs-ord.salesforceliveagent.com	public.websteronline.com
1	click.email.websterbank.com	1 redirects
0	global.ib-ibi.com Failed	c1.adform.net
144	98

This site contains links to these domains. Also see Links.

Domain
www.websteronline.com
webstermoments.com
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
www.youtube.com
careers.websteronline.com
webster.gcs-web.com

Subject Issuer	Validity	Valid
public.websteronline.com Entrust Certification Authority - L1K	`2020-06-20` - `2022-06-20`	2 years	crt.sh
static.websteronline.com Entrust Certification Authority - L1M	`2020-08-24` - `2022-08-24`	2 years	crt.sh
la1-c1cs-ord.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-13` - `2022-04-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
www.websteronline.com Entrust Certification Authority - L1M	`2020-06-15` - `2022-06-15`	2 years	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
la1-c2-ord.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-26` - `2022-04-25`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.coremetrics.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
alphonso.tv R3	`2021-09-01` - `2021-11-30`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.eyeota.net R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.seadform.net DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-03`	a year	crt.sh
*.360yield.com Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
1605158521.rsc.cdn77.org R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.adsafety.net R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
sync.1dmp.io R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
la4-c2-ia5.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-22` - `2022-01-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://public.websteronline.com/commercial
Frame ID: 8EDE35E4EE6D4519F8BF02B17D8B281E
Requests: 72 HTTP requests in this frame

Frame: https://di.rlcdn.com/468366.html?pdata=page_id%3DCOMMERCIAL
Frame ID: 8D3820E410A4EE355E5CFAE81456EC05
Requests: 1 HTTP requests in this frame

Frame: https://20825635p.rfihub.com/ca.html?_o=30049&_t=commercial&ver=9&rb=30049&ca=20825635&t=other&pid=&pe=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&pf=&ra=9913459835218648
Frame ID: 266E9505EEEF6086B406A963D8C40309
Requests: 20 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2011421&lid=75390617&ctype=0&media=0&PageName=public.websteronline.com%2fcommercial&rnd=1405236464&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2fcommercial
Frame ID: 1533FC130664C4C19436B56018BFBF09
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Frame ID: E1960580B9A7B4F00100FF5C471A1FFA
Requests: 45 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=ba1e6157-0d81-4a00-889d-2447b459e3ff&no_iframe=1&mt_adid=206701&source=mathtag
Frame ID: 23DAD47ABDF669244CCE3C549FA7573A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Commercial Banking, Risk Management, & Treasury | Webster BankWebster-monogram

Page URL History Show full URLs

https://click.email.websterbank.com/?qs=4dd4c36656a00bab476bb53be70a4c3304ff1a3e3da5f71fa6dd003dd02dcb790f1a71b8... HTTP 302
https://public.websteronline.com/commercial-institutional HTTP 301
https://public.websteronline.com/commercial Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

^(?:https?:)?//tags\.tiqcdn\.com/

Yieldlab (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

^https?://(?:[^/]+\.)?yieldlab\.net/

Page Statistics

144
Requests

99 %
HTTPS

18 %
IPv6

76
Domains

98
Subdomains

71
IPs

9
Countries

1810 kB
Transfer

4325 kB
Size

140
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.websteronline.com/bank/ds?action=df_reqUsername-reqUsername
Title: Forgot your username?

Search URL Search Domain Scan URL

URL: https://www.websteronline.com/bank/ds?action=df_logincontroller-PasswordReset&relogin=true
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.websteronline.com/bank/enroll
Title: Enroll

Search URL Search Domain Scan URL

URL: https://webstermoments.com/story/1/triumvirate-environmental
Title: Watch

Search URL Search Domain Scan URL

URL: https://www.facebook.com/websterbank
Title: https://www.facebook.com/websterbank

Search URL Search Domain Scan URL

URL: https://twitter.com/WebsterBank
Title: https://twitter.com/WebsterBank

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/webster-bank
Title: https://www.linkedin.com/company/webster-bank

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/officialwebsterbank/
Title: https://www.pinterest.com/officialwebsterbank/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/websterfinancial
Title: https://www.youtube.com/websterfinancial

Search URL Search Domain Scan URL

URL: https://careers.websteronline.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://webster.gcs-web.com/
Title: Investor Relations

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.websterbank.com/?qs=4dd4c36656a00bab476bb53be70a4c3304ff1a3e3da5f71fa6dd003dd02dcb790f1a71b8d84ca3f239828e34968d827c6363ecd8f63a9c9b HTTP 302
https://public.websteronline.com/commercial-institutional HTTP 301
https://public.websteronline.com/commercial Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://public.websteronline.com/wolstatic/js/vendor/common2.js HTTP 302
https://static.websteronline.com/wolstatic/js/vendor/common2.js

Request Chain 46

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 69

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MjE1OTgyNzg3NDE2NzM4OTg0Mw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESED4pfb6wWFst095ROYqXm1E&google_cver=1

Request Chain 70

https://ib.adnxs.com/setuid?entity=18&code=2159827874167389843 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D2159827874167389843

Request Chain 71

https://stags.bluekai.com/site/4722?id=2159827874167389843&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 73

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=2159827874167389843&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=2159827874167389843&redir=

Request Chain 74

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=2159827874167389843&bid=omt9pi0

Request Chain 77

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2159827874167389843&referrer=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=2f00fe3a-4464-4214-aceb-c72708b698d4%3A1633095043.06&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D2f00fe3a-4464-4214-aceb-c72708b698d4%253A1633095043.06 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=2f00fe3a-4464-4214-aceb-c72708b698d4%3A1633095043.06 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOkm2QaAwvbtIbPF3DDalsA&google_cver=1

Request Chain 79

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2159827874167389843&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2159827874167389843&forward=&C=1

Request Chain 82

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2159827874167389843&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2159827874167389843&img=1&__user_check__=1&sync_id=c5c5d821-22bb-11ec-8265-12c786060306

Request Chain 86

https://x.bidswitch.net/sync?dsp_id=119&user_id=2159827874167389843&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=2159827874167389843&expires=30

Request Chain 87

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YVcNgQAFxaJPzAAT HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YVcNgQAFxaJPzAAT&_test=YVcNgQAFxaJPzAAT

Request Chain 88

https://a2.adform.net/Serving/TrackPoint/?pm=2011421&ADFdivider=%7C&ord=876137177496&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2011421&ADFdivider=%7C&ord=876137177496&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial

Request Chain 95

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2399074992399806410&Expiration=1634304641 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2399074992399806410&Expiration=1634304641

Request Chain 98

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2399074992399806410&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2399074992399806410&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=2f96680f87164280a495f58dbf3234a2 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=51d377da8dabbcf16aba3c097d5b0cf6717a317b40cf08c5abe7fe96222511dc

Request Chain 100

https://pixel.advertising.com/ups/55944/sync?uid=2399074992399806410&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=2399074992399806410&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2399074992399806410&_origin=1&apid=UPc5f48d6a-22bb-11ec-85d2-061330fd91a8 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2399074992399806410&_origin=1&apid=UPc5f48d6a-22bb-11ec-85d2-061330fd91a8&verify=true

Request Chain 102

https://x.bidswitch.net/sync?dsp_id=70&user_id=2399074992399806410 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=eaed8f56-a901-4fe9-838b-15e47d57f76a&gdpr=&gdpr_consent=&us_privacy=

Request Chain 104

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2399074992399806410&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2399074992399806410&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=ba1e6157-0d81-4a00-889d-2447b459e3ff&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=8ed5d710-500f-40cc-a3bd-77166f1e176a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QTc1MkQzQTE3MERFMjM3QQ&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESED5zX3MnMGFb25eSloLbUqQ&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 106

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2399074992399806410 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2399074992399806410&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 108

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2399074992399806410 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2399074992399806410

Request Chain 110

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2399074992399806410 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2399074992399806410

Request Chain 111

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 112

https://pixel.onaudience.com/?mapped=2399074992399806410&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ca917d20fde0a023c558c6f172ed3e75

Request Chain 113

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2399074992399806410 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM120211001139697fdcc636b7ce5f83&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=fb9a0faa67cee5ad00fddd33816ea81d HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120211001139697fdcc636b7ce5f83&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=fb9a0faa67cee5ad00fddd33816ea81d&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEwMDExMzk2OTdmZGNjNjM2YjdjZTVmODM HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEPjM7k242ceiuvuz9BY8suc&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120211001139697fdcc636b7ce5f83 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2399074992399806410 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7014089792373192843 HTTP 302
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7014089792373192843

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjM5OTA3NDk5MjM5OTgwNjQxMA HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKOtjrBpRZHYCTak8NDz8_E&google_cver=1&google_ula=1641347,0

Request Chain 117

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=8319136382819908135&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=2399074992399806410

Request Chain 120

https://a.audrte.com/a?adform_uid=2399074992399806410 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEHb32HscOXHT-bX78R7NNfk&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=b0djvdAhlSVQ9Gfb8CpukGrag&gdpr=0&gdpr_consent=

Request Chain 121

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2399074992399806410&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=40668554678314766864524860920074017292&noredirect=1

Request Chain 122

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2399074992399806410 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164981103926000204564

Request Chain 123

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7014089792373192843

Request Chain 125

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=ba1e6157-0d81-4a00-889d-2447b459e3ff

Request Chain 126

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=DFb0jSI41MwiCB5

Request Chain 127

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=8ed5d710-500f-40cc-a3bd-77166f1e176a

Request Chain 129

https://id5-sync.com/s/10/0.gif?puid=2399074992399806410 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=2399074992399806410&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOsdIOAPDUgMdDQWzHubzCkJ72_hcjpL91rRD0Rw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=6c8ae49b-2333-49fd-9126-d633e480b01f&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEPmZSAAWutMvZ0Sxptl_Blk&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPmZSAAWutMvZ0Sxptl_Blk&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8319136382819908135&opid=apx&ops=&utidl=tech:goo:CAESEPmZSAAWutMvZ0Sxptl_Blk&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A21168907242&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

Request Chain 130

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2470323905 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=6q.JechJeAQRZQutAZ2Lr.

Request Chain 132

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2399074992399806410 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2399074992399806410&cs=1

Request Chain 134

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2399074992399806410&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2399074992399806410&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=c3b97176-fabc-4903-b6f5-a05a7193a4fd

Request Chain 136

https://eb2.3lift.com/xuid?mid=7354&xuid=2399074992399806410&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2399074992399806410&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

144 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request commercial Show response
public.websteronline.com/
Redirect Chain

https://click.email.websterbank.com/?qs=4dd4c36656a00bab476bb53be70a4c3304ff1a3e3da5f71fa6dd003dd02dcb790f1a71b8d84ca3f239828e34968d827c6363ecd8f63a9c9b
https://public.websteronline.com/commercial-institutional
https://public.websteronline.com/commercial

99 KB
28 KB

96ms
96ms

Document
text/html

3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c5b1562fba8ccf5b8138a0fc9a7fdbc0397bee469df7e99f96921aea74305ce0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'unsafe-inline' 'unsafe-eval' 'self' data: https:; report-uri /report-csp-violation
Strict-Transport-Security	max-age=1000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: public.websteronline.com
:scheme: https
:path: /commercial
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 01 Oct 2021 13:30:38 GMT
content-type: text/html; charset=UTF-8
content-length: 28236
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: max-age=3600, public
vary: Cookie
x-drupal-dynamic-cache: UNCACHEABLE
link: <https://public.websteronline.com/commercial>; rel="canonical" <https://public.websteronline.com/commercial>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
last-modified: Thu, 30 Sep 2021 15:25:00 GMT
etag: "1633015500"
x-generator: Drupal 8 (https://www.drupal.org)
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'unsafe-inline' 'unsafe-eval' 'self' data: https:; report-uri /report-csp-violation
x-xss-protection: 1; mode=block
strict-transport-security: max-age=1000; includeSubDomains; preload
x-drupal-cache: HIT
content-encoding: gzip
x-request-id: v-1939059a-22ad-11ec-8b7b-1ba488a8fb52
x-ah-environment: prod
age: 2675
via: varnish
x-cache: HIT
x-cache-hits: 20
accept-ranges: bytes

Redirect headers

server: nginx
date: Fri, 01 Oct 2021 13:30:38 GMT
content-type: text/html; charset=UTF-8
content-length: 9936
location: https://public.websteronline.com/commercial
x-redirect-id: 4296
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 8 (https://www.drupal.org)
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'unsafe-inline' 'unsafe-eval' 'self' data: https:; report-uri /report-csp-violation
x-xss-protection: 1; mode=block
strict-transport-security: max-age=1000; includeSubDomains; preload
x-drupal-cache: HIT
x-request-id: v-0d05f7e8-22bb-11ec-a372-cf016ee47f0d
x-ah-environment: prod
cache-control: max-age=900, public
age: 307
via: varnish
x-cache: HIT
x-cache-hits: 1

GET
H/1.1

200
OK

common2.js Show response
static.websteronline.com/wolstatic/js/vendor/
Redirect Chain

https://public.websteronline.com/wolstatic/js/vendor/common2.js
https://static.websteronline.com/wolstatic/js/vendor/common2.js

1 KB
1 KB

491ms
161ms

Script
application/javascript

12.216.193.69
WEBSTER-BANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/commercial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 12.216.193.69 New Haven, United States, ASN39989 (WEBSTER-BANK, US),
Reverse DNS
Software: /
Resource Hash: 157bca22e7401293105191b158564103237f7a69d3ccfd77fa6bbb774d83e72d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:39 GMT
Via: 1.1 google
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
X-Ion-Hop: Prod
Expires: 0

Redirect headers

date: Fri, 01 Oct 2021 13:30:38 GMT
via: varnish
x-content-type-options: nosniff
server: nginx
age: 0
x-cache: MISS
content-type: text/html; charset=iso-8859-1
location: https://static.websteronline.com/wolstatic/js/vendor/common2.js
cache-control: max-age=1209600
content-length: 247
x-request-id: v-c4404850-22bb-11ec-8d60-479421268d7a
expires: Fri, 15 Oct 2021 13:30:38 GMT

GET
H2 200 css_HENonPCm3C2EcVGm9le88wq24-TiwIHYV-cnmGsuA-4.css
public.websteronline.com/sites/default/files/css/ 8 KB
3 KB 97ms
96ms Stylesheet
text/css 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/sites/default/files/css/css_HENonPCm3C2EcVGm9le88wq24-TiwIHYV-cnmGsuA-4.css

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1c43689cf0a6dc2d847151a6f657bcf30ab6e3e4e2c081d857e727986b2e03ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_HENonPCm3C2EcVGm9le88wq24-TiwIHYV-cnmGsuA-4.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168393
x-cache: HIT
x-ah-environment: prod
content-length: 2230
x-request-id: v-5eab0be0-1633-11ec-b884-5372d3ebaac2
access-control-allow-origin: https://www.websteronline.com
last-modified: Thu, 09 Sep 2021 14:20:12 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/css
via: varnish
expires: Wed, 13 Oct 2021 14:44:05 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 87292

GET
H2 200 css_gk7Lay-Sxw1UNrdTB4DDZUfOaaK2aqlltyomQQR7joI.css
public.websteronline.com/sites/default/files/css/ 579 KB
104 KB 98ms
98ms Stylesheet
text/css 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/sites/default/files/css/css_gk7Lay-Sxw1UNrdTB4DDZUfOaaK2aqlltyomQQR7joI.css

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

824ecb6b2f92c70d5436b7530780c36547ce69a2b66aa965b72a2641047b8e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_gk7Lay-Sxw1UNrdTB4DDZUfOaaK2aqlltyomQQR7joI.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168393
x-cache: HIT
x-ah-environment: prod
content-length: 105634
x-request-id: v-0c1565fc-0b33-11ec-979e-c721a9e8e68f
access-control-allow-origin: https://www.websteronline.com
last-modified: Mon, 30 Aug 2021 14:20:28 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/css
via: varnish
expires: Wed, 13 Oct 2021 14:44:05 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 95741

GET
H2 200 hero-commercial.jpg
public.websteronline.com/sites/default/files/styles/hero_basic/public/2020-06/ 259 KB
254 KB 193ms
193ms Image
image/jpeg 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.websteronline.com/sites/default/files/styles/hero_basic/public/2020-06/hero-commercial.jpg?itok=j9ch3c2Z

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c421bd0ab6e93ad6d5a14be207226ea49d5c7abe6579574a84e12caa68cf8460

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/styles/hero_basic/public/2020-06/hero-commercial.jpg?itok=j9ch3c2Z
pragma: no-cache
cookie: WzPyZ2hU=A6q5DDx8AQAAX9PDdVublSjHt_p8fTHkB7MdDEe1ppZ5onp3xtbvAnFCLB8RAU4v0B6ucvlowH8AAEB3AAAAAA|1|0|bc7aa6a57b6bc49bbfb4c2e497125b8da65a8771
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159510
x-cache: HIT
x-ah-environment: prod
content-length: 259723
x-request-id: v-6106e984-2148-11ec-b54d-079b86766c3b
access-control-allow-origin: https://www.websteronline.com
last-modified: Sat, 13 Jun 2020 01:14:52 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
via: varnish
expires: Wed, 13 Oct 2021 17:12:09 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 72

GET
H2 200 js_PKeIfSMbiGCsVQfT_7AiOU9kGsydJ9UX2nVyGeJbuYo.js Show response
public.websteronline.com/sites/default/files/js/ 987 KB
297 KB 97ms
97ms Script
text/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/sites/default/files/js/js_PKeIfSMbiGCsVQfT_7AiOU9kGsydJ9UX2nVyGeJbuYo.js

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3ca7887d231b8860ac5507d3ffb022394f641acc9d27d517da757219e25bb98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_PKeIfSMbiGCsVQfT_7AiOU9kGsydJ9UX2nVyGeJbuYo.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168390
x-cache: HIT
x-ah-environment: prod
content-length: 303411
x-request-id: v-0e05f354-0b33-11ec-8f8d-dfb12feb0082
access-control-allow-origin: https://www.websteronline.com
last-modified: Mon, 30 Aug 2021 14:20:28 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/javascript
via: varnish
expires: Wed, 13 Oct 2021 14:44:08 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 53884

GET
H/1.1 200
OK deployment.js Show response
c.la1-c1cs-ord.salesforceliveagent.com/content/g/js/40.0/ 41 KB
41 KB 1031ms
118ms Script
application/javascript 13.108.250.6
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.la1-c1cs-ord.salesforceliveagent.com/content/g/js/40.0/deployment.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/commercial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.108.250.6 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: dcl5-ord.la1-c1cs-ord.salesforceliveagent.com
Software: Jetty /
Resource Hash: 9ab106bc0856b9a53e98dcfd530d1a25488a6fd46066e04f0fccecae2764167f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:40 GMT
Cache-Control: max-age=60, must-revalidate
Last-Modified: Wed, 29 Sep 2021 23:27:12 GMT
Server: Jetty
Accept-Ranges: bytes
Content-Length: 41802
Content-Type: application/javascript

GET
H2 200 js_OV2nz5hnfaerjt7K16h5EpvPF4nzShrrk0cnFCRGHmQ.js Show response
public.websteronline.com/sites/default/files/js/ 1 KB
907 B 95ms
95ms Script
text/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/sites/default/files/js/js_OV2nz5hnfaerjt7K16h5EpvPF4nzShrrk0cnFCRGHmQ.js

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

395da7cf98677da7ab8edecad7a879129bcf1789f34a1aeb9347271424461e64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_OV2nz5hnfaerjt7K16h5EpvPF4nzShrrk0cnFCRGHmQ.js
pragma: no-cache
cookie: WzPyZ2hU=A6q5DDx8AQAAX9PDdVublSjHt_p8fTHkB7MdDEe1ppZ5onp3xtbvAnFCLB8RAU4v0B6ucvlowH8AAEB3AAAAAA|1|0|bc7aa6a57b6bc49bbfb4c2e497125b8da65a8771
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168394
x-cache: HIT
x-ah-environment: prod
content-length: 513
x-request-id: v-b1c87e10-2133-11ec-abe0-d729565104bf
access-control-allow-origin: https://www.websteronline.com
last-modified: Thu, 23 Sep 2021 14:20:12 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/javascript
via: varnish
expires: Wed, 13 Oct 2021 14:44:05 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 94689

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 61ms
24ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9f277261030fc350875f351bc5ea5cbde683d28eff1ec5800b1a0162b0fe464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Fri, 01 Oct 2021 13:30:39 GMT

GET
H2 200 js_YxDinAgyyQZfsy0R0aafG3UHT2Nm_-Zlh7CMLv4_ZGg.js Show response
public.websteronline.com/sites/default/files/js/ 18 KB
5 KB 96ms
95ms Script
text/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/sites/default/files/js/js_YxDinAgyyQZfsy0R0aafG3UHT2Nm_-Zlh7CMLv4_ZGg.js

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6310e29c0832c9065fb32d11d1a69f1b75074f6366ffe66587b08c2efe3f6468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_YxDinAgyyQZfsy0R0aafG3UHT2Nm_-Zlh7CMLv4_ZGg.js
pragma: no-cache
cookie: WzPyZ2hU=A6q5DDx8AQAAX9PDdVublSjHt_p8fTHkB7MdDEe1ppZ5onp3xtbvAnFCLB8RAU4v0B6ucvlowH8AAEB3AAAAAA|1|0|bc7aa6a57b6bc49bbfb4c2e497125b8da65a8771
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168394
x-cache: HIT
x-ah-environment: prod
content-length: 4329
x-request-id: v-b1c9e5ca-2133-11ec-a25f-2b450e1b18b5
access-control-allow-origin: https://www.websteronline.com
last-modified: Thu, 23 Sep 2021 14:20:12 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/javascript
via: varnish
expires: Wed, 13 Oct 2021 14:44:05 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 94917

GET
H2 200 extlink.js Show response
public.websteronline.com/modules/contrib/extlink/ 12 KB
12 KB 97ms
96ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/contrib/extlink/extlink.js?v=8.9.14

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a1b295ca39f3510a1dd3e4e1770c45b437e1927f99883352ad6f2ee72d44181b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /modules/contrib/extlink/extlink.js?v=8.9.14
pragma: no-cache
cookie: WzPyZ2hU=A6q5DDx8AQAAX9PDdVublSjHt_p8fTHkB7MdDEe1ppZ5onp3xtbvAnFCLB8RAU4v0B6ucvlowH8AAEB3AAAAAA|1|0|bc7aa6a57b6bc49bbfb4c2e497125b8da65a8771
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
via: varnish
x-content-type-options: nosniff
age: 168394
x-cache: HIT
x-cache-hits: 93694
x-ah-environment: prod
content-length: 12259
x-request-id: v-b9b4f058-0032-11ec-9db5-1f08c840d7f9
last-modified: Sat, 02 Jan 2021 11:46:48 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 13 Oct 2021 14:44:05 GMT

GET
H2 200 js_k0G8igVk6i0EqfbrKyllT5-R17xuESPjxFVzWL_72Hk.js Show response
public.websteronline.com/sites/default/files/js/ 371 KB
116 KB 99ms
98ms Script
text/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/sites/default/files/js/js_k0G8igVk6i0EqfbrKyllT5-R17xuESPjxFVzWL_72Hk.js

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9341bc8a0564ea2d04a9f6eb2b29654f9f91d7bc6e1123e3c4557358bffbd879

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_k0G8igVk6i0EqfbrKyllT5-R17xuESPjxFVzWL_72Hk.js
pragma: no-cache
cookie: WzPyZ2hU=A6q5DDx8AQAAX9PDdVublSjHt_p8fTHkB7MdDEe1ppZ5onp3xtbvAnFCLB8RAU4v0B6ucvlowH8AAEB3AAAAAA|1|0|bc7aa6a57b6bc49bbfb4c2e497125b8da65a8771
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168393
x-cache: HIT
x-ah-environment: prod
content-length: 117952
x-request-id: v-602ac26c-1633-11ec-bab8-1777f429e6b6
access-control-allow-origin: https://www.websteronline.com
last-modified: Tue, 14 Sep 2021 14:20:12 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/javascript
via: varnish
expires: Wed, 13 Oct 2021 14:44:06 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 53333

GET
H/1.1 200
OK common2.js Show response
static.websteronline.com/wolstatic/js/vendor/ 228 KB
131 KB 159ms
159ms Script
application/javascript 12.216.193.69
WEBSTER-BANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js?seed=AMAfDDx8AQAAdVFXeUWzFXwJGPWMgQ8AmOvDKXONx4lPaLrGFjZ2mr73_tud&liLH9u0HBU--z=q
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/wolstatic/js/vendor/common2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 12.216.193.69 New Haven, United States, ASN39989 (WEBSTER-BANK, US),
Reverse DNS
Software: /
Resource Hash: 9b536bd20b8743a0605e63afefdb6ef5e7429e36d6fff910d530145e06743d6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:39 GMT
Via: 1.1 google
Cache-Control: public, max-age=3600, immutable
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Ion-Hop: Prod
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700|Source+Code+Pro&display=swap

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/sites/default/files/css/css_gk7Lay-Sxw1UNrdTB4DDZUfOaaK2aqlltyomQQR7joI.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

266df72df542725c4d3db716f11d400d72479dff9527e4b825629ae8574cfdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 13:30:40 GMT
server: ESF
date: Fri, 01 Oct 2021 13:30:40 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 01 Oct 2021 13:30:40 GMT

GET
H2 200 uuh7eht.css
use.typekit.net/ 9 KB
1 KB 337ms
319ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uuh7eht.css

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/sites/default/files/css/css_gk7Lay-Sxw1UNrdTB4DDZUfOaaK2aqlltyomQQR7joI.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b7bec3f0f0aa19fcfcd6df4663f7c636014a6e881f49087a454c0501575b96ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 01 Oct 2021 13:30:40 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1080

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 30ms
8ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uuh7eht&ht=tk&f=15498.15501.15505.15506.15507.15508.15509.15510.22792.22793.40090.40092&a=14144847&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 61 KB
14 KB 352ms
318ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/sites/default/files/js/js_PKeIfSMbiGCsVQfT_7AiOU9kGsydJ9UX2nVyGeJbuYo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0e05fe03476c4fa05670a29e7e373fa0cd6ae5fc43ad62c76938a7dd7d0625a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 13:19:29 GMT
server: AkamaiNetStorage
etag: "8ce973dfb37d2843e947387ce084ba6d:1631193569.112367"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 13858
expires: Fri, 01 Oct 2021 13:35:40 GMT

GET
H2 200 l
use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/ 30 KB
31 KB 32ms
12ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: efc84783941b9e95742edc7be7d4135d6755f2c5d931dec73837f452698fab5b

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
server: nginx
etag: "e8f0afc8be1f653a7bff6045a7dc07fba2140a10"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30984

GET
H2 200 l
use.typekit.net/af/dec5ec/00000000000000007735a096/30/ 31 KB
31 KB 69ms
50ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dec5ec/00000000000000007735a096/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8568a11261bf9bac917778c5c49b437ed0e4bdad992048e9fd29972f39360dd8

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
server: nginx
etag: "603db0ed9fa33df2e3c6e1b3bc3619940ea6b934"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31416

GET
H2 200 l
use.typekit.net/af/ac5663/00000000000000007735a458/30/ 53 KB
53 KB 51ms
31ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ac5663/00000000000000007735a458/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c7f2d633070725e049d7fc574ef317845ac659d72c34bc12f0b34f15d3291dd

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
server: nginx
etag: "a4cfd76f5aa2d5768b968145729f547d6a560c7b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 54340

GET
H2 200 l
use.typekit.net/af/00cc08/00000000000000007735a0a6/30/ 31 KB
31 KB 41ms
21ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/00cc08/00000000000000007735a0a6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 53f380c56bc5d70c9b49ba3f08c818058caed287bf1a65e685cf859a8cc9a96b

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
server: nginx
etag: "ea39bd98b385c0db31099ce043f89ad0d504d782"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31308

GET
H2 200 l
use.typekit.net/af/9d5bd3/00000000000000007735a09f/30/ 31 KB
31 KB 38ms
18ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9d5bd3/00000000000000007735a09f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a5bb984e626d25be3d71487881938564b13f6b43f80891f25c6b04a772328e08

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
server: nginx
etag: "01c88a1be82b85b10c770c6ae54e4949f8a948f1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31244

GET
H2 200 l
use.typekit.net/af/1fc4ef/00000000000000007735a45f/30/ 41 KB
41 KB 42ms
23ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1fc4ef/00000000000000007735a45f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: df5b10fbcfca5d22836e9a7ef86c2011d99ff5845e978b1861d54990aff42910

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
server: nginx
etag: "3a5fc2771c2eef9ccd61684c7bb55619887170b7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 41972

OPTIONS
H/1.1 200
OK ds
www.websteronline.com/bank/ Frame 0
0 469ms
144ms Preflight
application/javascript 12.216.193.68
WEBSTER-BANK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.websteronline.com/bank/ds?action=df_session-WOLSessionInfo&randomNumber=1633095040621
Protocol: HTTP/1.1
Server: 12.216.193.68 New Haven, United States, ASN39989 (WEBSTER-BANK, US),
Reverse DNS
Software: WebsterBank /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://public.websteronline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: WebsterBank
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 134
X-UA-Compatible: IE=edge
Access-Control-Allow-Origin: https://public.websteronline.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Request-Method: GET, POST
Vary: Origin
Keep-Alive: timeout=15, max=476
Connection: Keep-Alive

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/9fd4fd09/www-widgetapi.vflset/ 136 KB
44 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cbbc904491419df6072fa909da83136461831a5f8f91a2d8344c53cabd0c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 12:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45039
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Oct 2022 12:35:41 GMT

GET
H/1.1 200
OK ds Show response
www.websteronline.com/bank/ 134 B
2 KB 453ms
146ms XHR
application/javascript 12.216.193.68
WEBSTER-BANK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.websteronline.com/bank/ds?action=df_session-WOLSessionInfo&randomNumber=1633095040621
Requested by: Host: static.websteronline.com
URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js?seed=AMAfDDx8AQAAdVFXeUWzFXwJGPWMgQ8AmOvDKXONx4lPaLrGFjZ2mr73_tud&liLH9u0HBU--z=q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 12.216.193.68 New Haven, United States, ASN39989 (WEBSTER-BANK, US),
Reverse DNS
Software: WebsterBank /
Resource Hash: e3d09fc0364013f1df6ceef76b4c1981fc345faefa2090aef85765c2db44b925

Request headers

Accept: */*
Referer: https://public.websteronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
Access-Control-Request-Method: GET, POST
Server: WebsterBank
Vary: Origin
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin: https://public.websteronline.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=edge
Connection: Keep-Alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 134
Keep-Alive: timeout=15, max=473
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Digital_AAU_MediaCard_June2021_SecureTransactions.png
public.websteronline.com/sites/default/files/styles/card_318x180/public/2021-07/ 85 KB
86 KB 98ms
97ms Image
image/png 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.websteronline.com/sites/default/files/styles/card_318x180/public/2021-07/Digital_AAU_MediaCard_June2021_SecureTransactions.png?itok=xiknK81a

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/commercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cb25d90d09a4de0c2216b8f51ba557483481c64c909abe791fc58d69a3d5c8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/styles/card_318x180/public/2021-07/Digital_AAU_MediaCard_June2021_SecureTransactions.png?itok=xiknK81a
pragma: no-cache
cookie: WzPyZ2hU=A6q5DDx8AQAAX9PDdVublSjHt_p8fTHkB7MdDEe1ppZ5onp3xtbvAnFCLB8RAU4v0B6ucvlowH8AAEB3AAAAAA|1|0|bc7aa6a57b6bc49bbfb4c2e497125b8da65a8771
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: public.websteronline.com
referer: https://public.websteronline.com/commercial
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/commercial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168397
x-cache: HIT
x-ah-environment: prod
content-length: 87404
x-request-id: v-b9b3b756-0032-11ec-9ac4-d707c6a12f9c
access-control-allow-origin: https://www.websteronline.com
last-modified: Mon, 19 Jul 2021 21:19:22 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: image/png
via: varnish
expires: Wed, 13 Oct 2021 14:44:02 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 63228

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 22ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/commercial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: VW8CCHGKR4ZK6Z03
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: MncX4xvX6G/3ZCVU9xhgX1JCQw12l3nC4XnJi5uFxOrjvkq6VeBL/9/vLuSPh4OyPAeJ00ESZNY=
x-served-by: cache-fra19163-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1633095041.891564,VS0,VE0
date: Fri, 01 Oct 2021 13:30:40 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4702

GET
H/1.1 200
OK MultiNoun.jsonp Show response
d.la1-c2-ord.salesforceliveagent.com/chat/rest/System/ 226 B
591 B 891ms
120ms Script
text/javascript 13.108.251.135
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c2-ord.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573i00000006sKa]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572i00000006p7P&org_id=00Di0000000byqI&version=40

Requested by

Host: c.la1-c1cs-ord.salesforceliveagent.com
URL: https://c.la1-c1cs-ord.salesforceliveagent.com/content/g/js/40.0/deployment.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.251.135 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ord.la1-c2-ord.salesforceliveagent.com

Software

Resource Hash

d9a0dc5b4fbf20b70aab7763c674403b3c90917d87260ff66fbd8ba82a136adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H2 200 utag.1.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 22 KB
5 KB 18ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.1.js?utv=ut4.46.202108111302
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf1573e9be3dbbd3d7c148a5008989068f879e7146f99ae4bcb1ddfd0df4e769

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 13:02:33 GMT
server: AkamaiNetStorage
etag: "15dfc9779814ee3cd236bd7997be4f3a:1628686953.784308"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 5026
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.14.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 10 KB
4 KB 17ms
16ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.14.js?utv=ut4.46.201903280152
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 57ce46084c4c06e56db539cc29126d3f06501c22b64a3481120e08de9b24fec0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Mon, 21 Oct 2019 18:53:54 GMT
server: AkamaiNetStorage
etag: "39726b5e94d5d8758afc0c758dd7dfb5:1571684034.424146"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3427
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.5.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 13 KB
4 KB 21ms
20ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.5.js?utv=ut4.46.201910011553
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8c5274aec9c4a656a085eda895e156d03470903630f25ba353abb0914fa2061c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 17:56:57 GMT
server: AkamaiNetStorage
etag: "8d7e15d1e8efc709b229595c9f43ab3f:1592589417.945729"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3931
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.27.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 4 KB
2 KB 22ms
20ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.27.js?utv=ut4.46.202006151533
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 083d99083eadbee042030cf8b82b1eaff6a874255778d1a3e2de9699145f3ea4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 17:56:56 GMT
server: AkamaiNetStorage
etag: "efdf3ea167bf15464e70e271ce76ce7a:1592589416.014552"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1743
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.60.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 6 KB
2 KB 25ms
23ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.60.js?utv=ut4.46.202006151533
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7de02cc350bdc0845200d5e28187a5ab4832496cfa22be90a4de09d1b8909488

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 17:56:54 GMT
server: AkamaiNetStorage
etag: "1d5b63f514fee31819fbfcee4df25ba3:1592589414.260072"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2157
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.65.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 2 KB
1 KB 26ms
24ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.65.js?utv=ut4.46.202006151533
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 244ab27d5c470e357844e3d5e6c6538cbce399e208aa95ad1b7ee6a59ed31b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Mon, 15 Jun 2020 15:33:35 GMT
server: AkamaiNetStorage
etag: "fb83989ab8f87b740c26bd0aab181c37:1592235215.158438"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1126
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.89.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 3 KB
2 KB 488ms
486ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.89.js?utv=ut4.46.202012151410
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0bb801749c446285c0e8eec7b9ea1a8d6bb541f72ab355312a3fa1bb89d7d166

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:10:41 GMT
server: AkamaiNetStorage
etag: "09f21360056a21f186c63984530e039a:1608041441.479076"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1441
expires: Sat, 16 Oct 2021 13:30:41 GMT

GET
H2 200 utag.98.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 11 KB
4 KB 27ms
26ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.98.js?utv=ut4.46.202012151410
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f703617946f9773e55cfb1a7a3f93cbe30ff22a4884d80ccdd9ec3b2d511d5fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:10:51 GMT
server: AkamaiNetStorage
etag: "f9f601d351873bca874d5eb7cf330d3f:1608041451.432111"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3519
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.99.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 25 KB
5 KB 29ms
28ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.99.js?utv=ut4.46.202012151410
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9bd20ff362a87f1b42989e3a1b21e2197f8ebe51e7df4406f8b15d580b0ab50a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:10:43 GMT
server: AkamaiNetStorage
etag: "0fa2623e35030995afed466835333836:1608041443.606412"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4594
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.139.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 5 KB
2 KB 28ms
27ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.139.js?utv=ut4.46.202103031155
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6929a754f1dcd8b867ded7df19adc22478cfee4ce691ff0a0e6cc76e59580ccf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 11:55:22 GMT
server: AkamaiNetStorage
etag: "4b69d57fed0010f3b2353a0e85b38d52:1614772522.330253"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2102
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H2 200 utag.194.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 13 KB
4 KB 29ms
28ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.194.js?utv=ut4.46.202109091319
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 37b0b955d1f0071245128ed807bcb37c5f2e39fc7983d4c189e21ea26d93e7a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 13:19:29 GMT
server: AkamaiNetStorage
etag: "d73ccd43a40c954e92cb5a333ea2146b:1631193569.72957"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3717
expires: Sat, 16 Oct 2021 13:30:40 GMT

GET
H/1.1 200
OK 8dc87c18d9 Show response
bam-cell.nr-data.net/1/ 49 B
930 B 532ms
513ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/8dc87c18d9?a=597086679&v=1210.e2a3f80&to=M1QAYBMHCkADVEcPCwoeI1cVDwtdTUdSAQE7UgNXCQM%3D&rst=3097&ck=1&ref=https://public.websteronline.com/commercial&ap=59&be=2230&fe=3060&dc=2797&perf=%7B%22timing%22:%7B%22of%22:1633095037813,%22n%22:0,%22f%22:856,%22dn%22:856,%22dne%22:856,%22c%22:856,%22ce%22:856,%22rq%22:857,%22rp%22:953,%22rpe%22:1045,%22dl%22:957,%22di%22:2796,%22ds%22:2796,%22de%22:2855,%22dc%22:3060,%22l%22:3060,%22le%22:3064%7D,%22navigation%22:%7B%7D%7D&fp=2763&fcp=2763&at=HxMDFlsdGU4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlRSDwUFVVVTFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoBC1ILVnRMB05WAhtDAlpeA1IFUlEOAFZVV1QGAUBKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 69760c05dcc95c8c-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

010197d1993c80fa2d28758f166043e0eace7c062d11df8a4bcb342fa8755b53

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: vtqjmTVeS4jS+fJfW5aQAw4bORQpq2mXyncnaPyDIxE73AOErL2oyD80EsNufhL5VeAGJ2vq2e6/6HypxLJi2w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Oct 2021 13:30:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 57ms
31ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119140-7

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19f1ea9021842f1be1cd11238a6ca7402eef0688a3ba2805a94e20a41e80e71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38935
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Oct 2021 13:30:40 GMT

GET
H2 451 468366.html Show response
di.rlcdn.com/ Frame 8D38 0
66 B 41ms
15ms Document
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://di.rlcdn.com/468366.html?pdata=page_id%3DCOMMERCIAL
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: di.rlcdn.com
:scheme: https
:path: /468366.html?pdata=page_id%3DCOMMERCIAL
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.websteronline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK eluminate.js Show response
libs.coremetrics.com/ 158 KB
44 KB 65ms
16ms Script
application/x-javascript 104.111.227.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/eluminate.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.227.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-227-33.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cc26b447d58c97a03b34a25d18020a210cb7b1869175fc768314cce874a6866b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Jan 2020 22:02:52 GMT
Server: AkamaiNetStorage
ETag: "5f2f46feb1478b4c98f3e4801d1985b3:1580508172"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 48ms
12ms Script
application/x-javascript 2600:9000:21f3:9400:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9400:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:22:00 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 13:21:50 GMT
server: Jetty(9.3.29.v20201019)
age: 520
x-edge-origin-shield-skipped: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: CiZXtJvRm-lo16gwYEqATee8-GISXg0172dlMrG2OwZOtxHXD9BdfQ==
expires: Fri, 01 Oct 2021 14:22:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

102ms
17ms

Script
application/x-javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:08 GMT
server: nginx
etag: W/"613888f4-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1 200
OK ord=1633095040991
tn.alphonso.tv/ad/ 35 B
271 B 410ms
121ms Image
image/gif 130.211.141.45
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tn.alphonso.tv/ad/ord=1633095040991?prd=web&cust=4096994-10000-JamLoop&utm_source=unk&utm_mdm=unk&url=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&title=Commercial%20Banking%2C%20Risk%20Management%2C%20%26%20Treasury%20%7C%20Webster%20Bank&sess=1633095272812&ref=&sess_status=st
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.141.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.141.211.130.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: 3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: nginx/1.20.0
ETag: "560c609e-23"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 52ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:40 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 19:22:40 GMT
x-msedge-ref: Ref A: 253FB2CB68AC4EF08874C678717CECB6 Ref B: FRAEDGE1414 Ref C: 2021-10-01T13:30:41Z
etag: "080879d5b3d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9985

GET
H2 200 2120588797962114 Show response
connect.facebook.net/signals/config/ 223 KB
68 KB 54ms
54ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2120588797962114?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb4b585618df4ba112fec9f8e2de393a31e0d2031f84a0eae37fe29c6a24e086

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: +kS8PfdzftddMLpe47GouqdvqR1U13Z3OpNyclPuk8pnRvDwVB5RmL2RhXNuqjcDmwpayjIiJ0AMzM9egq1vXg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Oct 2021 13:30:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ca.html Show response
20825635p.rfihub.com/ Frame 266E 3 KB
4 KB 182ms
30ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20825635p.rfihub.com/ca.html?_o=30049&_t=commercial&ver=9&rb=30049&ca=20825635&t=other&pid=&pe=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&pf=&ra=9913459835218648
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 54f8f5550a15f521dd22a18594ae28ca2d23a1b0ed3f3a27b313beecf0c668c2

Request headers

Host: 20825635p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://public.websteronline.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzE0Mze2sLQwMRbiM9QtqyjyLg0ITzbNcLaU4jU0MzY2sDQ1MDE0tDADAEfw0Lc0AAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 26 Oct 2022 13:30:41 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAJvFyGtoZmxsYGlqYGJoaGG5Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxMrmn5uNPei8RcJo_IfofEBOrP86yABAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 26 Oct 2022 13:30:41 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzE0Mze2sLQwMRbiM9QtqyjyLg0ITzbNcLYEAOrel3wlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2806
Server: Jetty(9.3.29.v20201019)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119140-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2624
date: Fri, 01 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 01 Oct 2021 14:46:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-957546527&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119140-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f84d48852a251c7a2e8715153e43acf6e361eddb8c2f0cd93aa88a15bf501f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39353
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Oct 2021 13:30:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-79CFNBLNHH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119140-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18062e25088f85dc10a1c46ff6adb373eba4d251654e3de4f5fbbd9d9a0679e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49775
x-xss-protection: 0
expires: Fri, 01 Oct 2021 13:30:41 GMT

GET
H/1.1 200
OK 54290000.js Show response
libs.coremetrics.com/configs/ 125 B
413 B 99ms
99ms Script
application/x-javascript 104.111.227.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/configs/54290000.js
Requested by: Host: libs.coremetrics.com
URL: https://libs.coremetrics.com/eluminate.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.227.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-227-33.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d2f65b5b23c8346bf2a6a561789dd547803405f7291e517798c2f048dd0e7318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Last-Modified: Thu, 12 Jul 2018 18:20:15 GMT
Server: AkamaiNetStorage
ETag: "82e6d8421d893ce68d9bb32d26b20975:1531419713"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 125

GET
H/1.1 200
OK cm
data.coremetrics.com/ 43 B
467 B 434ms
104ms Image
image/gif 54.224.36.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.coremetrics.com/cm?ci=54290000%7Cpublic.websteronline.com&st=1633095041035&vn1=4.23.167&ec=utf-8&vn2=e4.0&pi=COMMERCIAL&ul=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&cjen=1&cjuid=20517987801916330950410&cjsid=72118581633095041049&cjvf=7&tid=6&cg=%3ACOMMERCIAL&rnd=1633096836885&pc=Y&jv=1.8.5&np0=Chrome%20PDF%20Plugin&np1=Chrome%20PDF%20Viewer&np2=Native%20Client&je=n&sw=1600&sh=1200&pd=24&tz=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.36.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-36-233.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: Apache
Vary: Host
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Connection: close
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 30 Sep 2021 13:30:41 GMT

GET
H2 204 5795046.js Show response
bat.bing.com/p/action/ 0
109 B 316ms
316ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5795046.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Oct 2021 13:30:40 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 8CE6F49AC239428D9763718B508B6C24 Ref B: FRAEDGE1414 Ref C: 2021-10-01T13:30:41Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5795046&Ver=2&mid=e002fd4d-29d7-427f-8e18-6982cd41c6f7&sid=c59313f022bb11ec9b6769050d248498&vid=c59327e022bb11ecbd00694518c44527&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Commercial%20Banking,%20Risk%20Management,%20%26%20Treasury%20%7C%20Webster%20Bank&p=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&r=&lt=3064&evt=pageLoad&msclkid=N&sv=1&rn=605011
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 01 Oct 2021 13:30:40 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C14FA3B6C2194B249CB637C10D8D9BDD Ref B: FRAEDGE1414 Ref C: 2021-10-01T13:30:41Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=147197418&t=pageview&_s=1&dl=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&ul=en-us&de=UTF-8&dt=Commercial%20Banking%2C%20Risk%20Management%2C%20%26%20Treasury%20%7C%20Webster%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUABB~&cid=726170828.1633095041&tid=UA-119140-7&_gid=1453144284.1633095041&gtm=2ou9r0&z=1234978725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 20:55:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59700
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 52ms
26ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-957546527&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ca793767914443217c2ccdd3860b99bc7fbc463643b98b52b0c85a540013f204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14194
x-xss-protection: 0
server: cafe
etag: 2059617935603926905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Oct 2021 13:30:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
426 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2120588797962114&ev=PageView&dl=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&rl=&if=false&ts=1633095041113&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.1.1633095041112.863361514&it=1633095041009&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 01 Oct 2021 13:30:41 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
129 B 15ms
15ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-79CFNBLNHH&gtm=2oe9r0&_p=147197418&sr=1600x1200&ul=en-us&cid=726170828.1633095041&_s=1&dl=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&dt=Commercial%20Banking%2C%20Risk%20Management%2C%20%26%20Treasury%20%7C%20Webster%20Bank&sid=1633095041&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79CFNBLNHH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.websteronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://public.websteronline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dispatcher-v3.js Show response
tmscdn.coremetrics.com/tms/ 5 KB
2 KB 41ms
8ms Script
application/x-javascript 104.111.227.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tmscdn.coremetrics.com/tms/dispatcher-v3.js
Requested by: Host: libs.coremetrics.com
URL: https://libs.coremetrics.com/eluminate.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.227.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-227-33.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 80eb5bb22c350b6e7d6b0d133860eb4ed3cb91a3b8cd301ac00f2aecef47c903

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Oct 2020 15:00:35 GMT
Server: AkamaiNetStorage
ETag: "ff46bff054ea5901b77922bfcce5a6b1:1602169236.920624"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1228

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957546527/ 2 KB
2 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957546527/?random=1633095041151&cv=9&fst=1633095041151&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&tiba=Commercial%20Banking%2C%20Risk%20Management%2C%20%26%20Treasury%20%7C%20Webster%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bed3586512ba82fb13f31fedb6c3845394690aec1099cd35e65d12e57ca191b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK yahoo-min.js Show response
libs.coremetrics.com/ddxlibs/ 7 KB
3 KB 8ms
8ms Script
application/x-javascript 104.111.227.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/ddxlibs/yahoo-min.js
Requested by: Host: tmscdn.coremetrics.com
URL: https://tmscdn.coremetrics.com/tms/dispatcher-v3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.227.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-227-33.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c642c7ca52f6c1109ae4f95cc996868b27c2aa5d230bb2fae8b73969093eac17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Aug 2014 12:31:47 GMT
Server: AkamaiNetStorage
ETag: "839e18c2abe9817eb0b63acb4f014aa4:1407414707"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H/1.1 200
OK cp-v3.js Show response
tmscdn.coremetrics.com/tms/54290000/ 12 B
299 B 347ms
347ms Script
application/x-javascript 104.111.227.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tmscdn.coremetrics.com/tms/54290000/cp-v3.js?__t=20211001133041183
Requested by: Host: tmscdn.coremetrics.com
URL: https://tmscdn.coremetrics.com/tms/dispatcher-v3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.227.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-227-33.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Last-Modified: Thu, 12 Jul 2018 19:58:59 GMT
Server: AkamaiNetStorage
ETag: "bc6573647ae421e4cd14dcdf34c877ce:1531425539"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12

GET
H/1.1 200
OK json-min.js Show response
libs.coremetrics.com/ddxlibs/ 5 KB
2 KB 8ms
8ms Script
application/x-javascript 104.111.227.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/ddxlibs/json-min.js
Requested by: Host: tmscdn.coremetrics.com
URL: https://tmscdn.coremetrics.com/tms/dispatcher-v3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.227.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-227-33.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Aug 2014 12:31:47 GMT
Server: AkamaiNetStorage
ETag: "59d3be5741942c7fca3daff0b2d977ef:1407414707"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2204

GET
H2 200 /
www.google.com/pagead/1p-user-list/957546527/ 42 B
569 B 47ms
21ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957546527/?random=1633095041151&cv=9&fst=1633093200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&tiba=Commercial%20Banking%2C%20Risk%20Management%2C%20%26%20Treasury%20%7C%20Webster%20Bank&async=1&fmt=3&is_vtc=1&random=1613955265&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957546527/ 42 B
569 B 43ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957546527/?random=1633095041151&cv=9&fst=1633093200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial&tiba=Commercial%20Banking%2C%20Risk%20Management%2C%20%26%20Treasury%20%7C%20Webster%20Bank&async=1&fmt=3&is_vtc=1&random=1613955265&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 266E
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MjE1OTgyNzg3NDE2NzM4OTg0Mw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESED4pfb6wWFst095ROYqXm1E&google_cver=1

42 B
1 KB

96ms
25ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESED4pfb6wWFst095ROYqXm1E&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESED4pfb6wWFst095ROYqXm1E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 266E
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=2159827874167389843
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D2159827874167389843

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D2159827874167389843

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
X-Proxy-Origin: 78.47.208.30; 78.47.208.30; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7272d53b-5ec8-4faa-b9c9-f073a4f1bb22
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
X-Proxy-Origin: 78.47.208.30; 78.47.208.30; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d0ff41b9-56a6-49c4-b8fd-67cbca9f1db9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D2159827874167389843
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 266E
Redirect Chain

https://stags.bluekai.com/site/4722?id=2159827874167389843&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

42 B
1 KB

25ms
24ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date: Fri, 01 Oct 2021 13:30:41 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 266E 0
239 B 61ms
19ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=2159827874167389843
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 266E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=2159827874167389843&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=2159827874167389843&redir=

42 B
945 B

35ms
34ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=2159827874167389843&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-0b77e15e9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2LjQSYOSSRY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v018-0da38673c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: j2CnNK+kTgk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=2159827874167389843&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 266E
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=2159827874167389843&bid=omt9pi0

0
344 B

67ms
7ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2159827874167389843&bid=omt9pi0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=2159827874167389843&bid=omt9pi0
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 266E 46 B
696 B 83ms
56ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=2159827874167389843

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 01 Oct 2021 13:30:41 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 01 Oct 2021 13:30:41 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 266E 0
105 B 49ms
14ms Image
text/plain 35.157.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.2.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-2-63.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 266E
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2159827874167389843&referrer=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial
https://p.rfihub.com/cm?pub=39342&in=0&userid=2f00fe3a-4464-4214-aceb-c72708b698d4%3A1633095043.06&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D2f00fe3a-4464-4214-aceb-c72708b698d4...
https://idsync.rlcdn.com/501709.gif?partner_uid=2f00fe3a-4464-4214-aceb-c72708b698d4%3A1633095043.06
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOkm2QaAwvbtIbPF3DDalsA&google_cver=1

42 B
299 B

15ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOkm2QaAwvbtIbPF3DDalsA&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Oct 2021 13:30:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOkm2QaAwvbtIbPF3DDalsA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 266E 43 B
109 B 362ms
144ms Image
image/gif 3.211.82.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=2159827874167389843
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.82.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-82-118.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 266E
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2159827874167389843&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2159827874167389843&forward=&C=1

43 B
1006 B

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2159827874167389843&forward=&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Oct 2021 13:30:41 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2159827874167389843&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Fri, 01 Oct 2021 13:30:41 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 266E 42 B
394 B 31ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=2159827874167389843
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Oct 2021 13:30:41 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 266E 43 B
191 B 190ms
145ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=2159827874167389843

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 01 Oct 2021 13:30:41 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 266E
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2159827874167389843&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2159827874167389843&img=1&__user_check__=1&sync_id=c5c5d821-22bb-11ec-8265-12c786060306

43 B
549 B

26ms
25ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2159827874167389843&img=1&__user_check__=1&sync_id=c5c5d821-22bb-11ec-8265-12c786060306
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 121
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=2159827874167389843&img=1&__user_check__=1&sync_id=c5c5d821-22bb-11ec-8265-12c786060306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 69
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 266E 43 B
183 B 300ms
94ms Image
image/gif 2600:1f18:612b:4200:787a:99c3:22c2:11ca
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=2159827874167389843&r=ZKTD2zUa6Dbm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:787a:99c3:22c2:11ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 266E 43 B
238 B 37ms
7ms Image
image/gif 18.158.92.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=2159827874167389843
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.92.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 266E 0
338 B 108ms
32ms Image
text/plain 54.195.112.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=2159827874167389843
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.112.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-112-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1633095041
x-served-by: beacon-n005-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 266E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=2159827874167389843&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=2159827874167389843&expires=30

43 B
344 B

9ms
9ms

Image
image/gif

3.123.161.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=2159827874167389843&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.161.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-161-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=2159827874167389843&expires=30
date: Fri, 01 Oct 2021 13:30:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 266E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YVcNgQAFxaJPzAAT
https://p.rfihub.com/cm?in=1&pub=21653&userid=YVcNgQAFxaJPzAAT&_test=YVcNgQAFxaJPzAAT

42 B
1 KB

23ms
23ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YVcNgQAFxaJPzAAT&_test=YVcNgQAFxaJPzAAT
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20825635p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1633095042.513910,VS0,VE0
x-served-by: cache-fra19128-FRA
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YVcNgQAFxaJPzAAT&_test=YVcNgQAFxaJPzAAT
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2011421&ADFdivider=%7C&ord=876137177496&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2011421&ADFdivider=%7C&ord=876137177496&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial

1 KB
1 KB

92ms
91ms

Script
text/javascript

185.167.164.51
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2011421&ADFdivider=%7C&ord=876137177496&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.51 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8d4fade4cf73e523b8c0150dc8b015a203c3b8aa69e061fec77850b0f7a96e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 805
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2011421&ADFdivider=%7C&ord=876137177496&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 17ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=websterbank/websterbankd8/202109091319&cb=1633095041378
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 01 Oct 2021 13:40:41 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ 43 B
519 B 86ms
28ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1508178&mt_adid=206701&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master zrh-pixel-x31 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Oct 2021 13:30:40 GMT

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 1533 1 KB
899 B 91ms
91ms Document
text/html 185.167.164.51
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2011421&lid=75390617&ctype=0&media=0&PageName=public.websteronline.com%2fcommercial&rnd=1405236464&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2fcommercial

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.51 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4ae9a2717aee3cb40ae99969f9aac52eb3f8f5297c4836b99f0c396be5b944b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: a2.adform.net
:scheme: https
:path: /serving/container/?pm=2011421&lid=75390617&ctype=0&media=0&PageName=public.websteronline.com%2fcommercial&rnd=1405236464&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2fcommercial
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.websteronline.com/
accept-encoding: gzip, deflate, br
cookie: C=1; uid=2399074992399806410; CM=1|1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/

Response headers

server: nginx
date: Fri, 01 Oct 2021 13:30:41 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame E196 5 KB
2 KB 90ms
17ms Document
text/html 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2011421&ADFdivider=%7C&ord=876137177496&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2Fcommercial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a03c3f062878145314ee8deadffe96a9c3c5adad130c2d6f6c4c8a8ddebbff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.websteronline.com/
accept-encoding: gzip, deflate, br
cookie: C=1; uid=2399074992399806410; CM=1|1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/

Response headers

server: nginx
date: Fri, 01 Oct 2021 13:30:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: CM14=1633181441_1633095041_1_Hu7u4e4e4e7u7u4REREeERERERHhEA; expires=Fri, 15 Oct 2021 13:30:41 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
344 B 88ms
17ms Image
image/gif 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=2399074992399806410&stamp=lP-vV9UCX1ADvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Oct 2021 13:30:41 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 plf
c1.adform.net/imatch/ Frame E196 0
261 B 18ms
17ms Image
text/plain 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E196
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2399074992399806410&Expiration=1634304641
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2399074992399806410&Expiration=1634304641

43 B
423 B

11ms
11ms

Image
image/gif

52.57.38.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2399074992399806410&Expiration=1634304641
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Oct 2021 13:30:41 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2399074992399806410&Expiration=1634304641
date: Fri, 01 Oct 2021 13:30:41 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E196 0
522 B 59ms
16ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=2399074992399806410

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 30 Sep 2021 13:30:41 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E196 0
214 B 39ms
9ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E196
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2399074992399806410&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2399074992399806410&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=2f96680f87164280a...
https://c1.adform.net/serving/cookie/match?party=9&uid=51d377da8dabbcf16aba3c097d5b0cf6717a317b40cf08c5abe7fe96222511dc

35 B
468 B

18ms
18ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=51d377da8dabbcf16aba3c097d5b0cf6717a317b40cf08c5abe7fe96222511dc

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=51d377da8dabbcf16aba3c097d5b0cf6717a317b40cf08c5abe7fe96222511dc
date: Fri, 01 Oct 2021 13:30:41 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E196 43 B
163 B 125ms
16ms Image
image/gif 185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2399074992399806410&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55944/ Frame E196
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=2399074992399806410&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=2399074992399806410&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2399074992399806410&_origin=1&apid=UPc5f48d6a-22bb-11ec-85d2-061330fd91a8
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2399074992399806410&_origin=1&apid=UPc5f48d6a-22bb-11ec-85d2-061330fd91a8&verify=true

0
1 KB

12ms
11ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=2399074992399806410&_origin=1&apid=UPc5f48d6a-22bb-11ec-85d2-061330fd91a8&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=2399074992399806410&_origin=1&apid=UPc5f48d6a-22bb-11ec-85d2-061330fd91a8&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame E196 43 B
712 B 88ms
17ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1633095041651044-533
Expires: Fri, 01 Oct 2021 13:30:41 GMT

GET
H2

200

m
cm.mgid.com/ Frame E196
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=2399074992399806410
https://cm.mgid.com/m?cdsp=433145&c=eaed8f56-a901-4fe9-838b-15e47d57f76a&gdpr=&gdpr_consent=&us_privacy=

43 B
853 B

102ms
62ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=eaed8f56-a901-4fe9-838b-15e47d57f76a&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 08049041-b142-4d2a-b420-b7492257c4a3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69760c0adaaa42e7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=eaed8f56-a901-4fe9-838b-15e47d57f76a&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 01 Oct 2021 13:30:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK rum
dsum-sec.casalemedia.com/ Frame E196 43 B
920 B 23ms
18ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2399074992399806410&expiration=1634304641
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Oct 2021 13:30:41 GMT

GET
H/1.1

200
OK

info
uipglob.semasio.net/dbm/1/ Frame E196
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2399074992399806410&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2399074992399806410&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=ba1e6157-0d81-4a00-889d-2447b459e3ff&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=8ed5d710-500f-40cc-a3bd-77166f1e176a
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QTc1MkQzQTE3MERFMjM3QQ&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESED5zX3MnMGFb25eSloLbUqQ&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

42 B
604 B

26ms
26ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESED5zX3MnMGFb25eSloLbUqQ&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:39 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESED5zX3MnMGFb25eSloLbUqQ&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame E196 0
344 B 13ms
8ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2399074992399806410&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame E196
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2399074992399806410
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2399074992399806410&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
332 B

47ms
6ms

Image
image/gif

2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: AcO1rgX9dvXv6wYAAA==
x-accel-expires: @1634130070
date: Fri, 01 Oct 2021 13:30:41 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: oKgWDyIXjik=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 1771
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame E196 0
0 16ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2

200

tpid=2399074992399806410
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame E196
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2399074992399806410
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2399074992399806410

49 B
737 B

42ms
42ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.28.51
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2399074992399806410
cache-control: no-cache
x-server: 10.45.1.56
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame E196 62 B
227 B 164ms
153ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E196
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2399074992399806410
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2399074992399806410

43 B
180 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2399074992399806410
date: Fri, 01 Oct 2021 13:30:41 GMT
via: 1.1 google
server: OXGW/16.216.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame E196
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

135ms
41ms

Image
image/gif

52.218.80.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.80.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:42 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: VZVDK4HBZ8VBGHCD
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 9oECBA8ZCUDSXb0hTg0+QiUPM2h32059DYlrlyf+hL/0uJRLaYH58CDoI+UJ0OE4J+N2vmaxJIM=

Redirect headers

X-Error-Reason: Missing UserId
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame E196
Redirect Chain

https://pixel.onaudience.com/?mapped=2399074992399806410&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ca917d20fde0a023c558c6f172ed3e75

35 B
247 B

14ms
13ms

Image
image/gif

146.59.148.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ca917d20fde0a023c558c6f172ed3e75
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-2.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ca917d20fde0a023c558c6f172ed3e75
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame E196
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2399074992399806410
https://tags.adsafety.net/v1/cm?cm_uid=CM120211001139697fdcc636b7ce5f83&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=fb9a0faa67cee5ad00fddd33816ea81d
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120211001139697fdcc636b7ce5f83&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=fb9a0faa67cee5ad00fddd33816ea81d&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEwMDExMzk2OTdmZGNjNjM2YjdjZTVmODM
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEPjM7k242ceiuvuz9BY8suc&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120211001139697fdcc636b7ce5f83
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2399074992399806410
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7014089792373192843
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7014089792373192843

43 B
2 KB

10ms
9ms

Image
image/gif

139.162.146.37
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7014089792373192843
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.146.37 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1413-37.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:42 GMT
Last-Modified: Fri, 01 Oct 2021 13:30:42 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7014089792373192843
Date: Fri, 01 Oct 2021 13:30:42 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E196 0
337 B 37ms
32ms Image
text/plain 54.195.112.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.112.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-112-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1633095041
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame E196
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjM5OTA3NDk5MjM5OTgwNjQxMA
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKOtjrBpRZHYCTak8NDz8_E&google_cver=1&google_ula=1641347,0

35 B
468 B

18ms
18ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKOtjrBpRZHYCTak8NDz8_E&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKOtjrBpRZHYCTak8NDz8_E&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame E196 0
261 B 23ms
18ms Image
text/plain 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame E196
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=8319136382819908135&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=2399074992399806410

43 B
1022 B

6ms
6ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=2399074992399806410

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
X-Proxy-Origin: 78.47.208.30; 78.47.208.30; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9a871af6-0ed5-4db1-93b2-af3c91000087
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=2399074992399806410
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E196 42 B
543 B 87ms
25ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:418
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame E196 43 B
476 B 43ms
8ms Image
image/gif 13.225.87.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-126.fra2.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 14:12:12 GMT
Via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 83909
X-Edge-Origin-Shield-Skipped: 0
Content-Type: image/gif
Connection: keep-alive
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA2-C2
Content-Length: 43
X-Amz-Cf-Id: otMPlH8kCFsKkV6VqYKSiX0SC4AwuAAEg8ye3fijI3_zSYjFnCoSKA==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame E196
Redirect Chain

https://a.audrte.com/a?adform_uid=2399074992399806410
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEHb32HscOXHT-bX78R7NNfk&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=b0djvdAhlSVQ9Gfb8CpukGrag&gdpr=0&gdpr_consent=

0
344 B

16ms
16ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=b0djvdAhlSVQ9Gfb8CpukGrag&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:42 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Fri, 01 Oct 2021 13:30:42 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=b0djvdAhlSVQ9Gfb8CpukGrag&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E196
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2399074992399806410&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://c1.adform.net/serving/cookie/match?party=1007&cid=40668554678314766864524860920074017292&noredirect=1

35 B
468 B

17ms
16ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=40668554678314766864524860920074017292&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v018-0b11b7be7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bW0qiYawTvI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=40668554678314766864524860920074017292&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E196
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2399074992399806410
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164981103926000204564

35 B
468 B

18ms
18ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164981103926000204564

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164981103926000204564
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E196
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7014089792373192843

35 B
468 B

17ms
17ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7014089792373192843

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7014089792373192843
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame E196 62 B
519 B 152ms
152ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:42 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
bk-server: 82c4
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E196
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=ba1e6157-0d81-4a00-889d-2447b459e3ff

35 B
468 B

17ms
16ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=ba1e6157-0d81-4a00-889d-2447b459e3ff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=ba1e6157-0d81-4a00-889d-2447b459e3ff
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 01 Oct 2021 13:30:40 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E196
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=DFb0jSI41MwiCB5

35 B
468 B

19ms
19ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=DFb0jSI41MwiCB5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0f1a9d8b7eed06fb2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=DFb0jSI41MwiCB5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E196
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=8ed5d710-500f-40cc-a3bd-77166f1e176a

35 B
468 B

17ms
16ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=8ed5d710-500f-40cc-a3bd-77166f1e176a

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=8ed5d710-500f-40cc-a3bd-77166f1e176a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET image.sbmx
global.ib-ibi.com/ Frame E196 0
0

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame E196
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=2399074992399806410
https://id5-sync.com/c/10/10/2/1.gif?puid=2399074992399806410&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOsdIOAPDUgMdDQWzHubzCkJ72_hcjpL91rRD0Rw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=6c8ae49b-2333-49fd-9126-d633e480b01f&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPmZSAAWutMvZ0Sxptl_Blk&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8319136382819908135&opid=apx&ops=&utidl=tech:goo:CAESEPmZSAAWutMvZ0Sxptl_Blk&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A21168907242&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

43 B
1 KB

8ms
8ms

Image
image/gif

51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A21168907242&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A21168907242&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
date: Fri, 01 Oct 2021 13:30:42 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E196
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2470323905
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=6q.JechJeAQRZQutAZ2Lr.

35 B
468 B

18ms
18ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=6q.JechJeAQRZQutAZ2Lr.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:42 GMT
via: 1.1 google
last-modified: Fri, 01 Oct 2021 13:30:42 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=6q.JechJeAQRZQutAZ2Lr.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E196 23 B
172 B 71ms
32ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:42 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 01 Oct 2021 13:30:42 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame E196
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2399074992399806410
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2399074992399806410&cs=1

35 B
376 B

2ms
2ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2399074992399806410&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dmc-test-dn3
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:42 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2399074992399806410&cs=1
date: Fri, 01 Oct 2021 13:30:42 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame E196 0
240 B 35ms
8ms Image
text/plain 2600:9000:20eb:0:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2399074992399806410
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:0:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:42 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 40zL7KdqNN8sztPPlN7pRZjpWjDVEjzvIf-Lx1xyI3acJHhZRBcLpA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E196
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2399074992399806410&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2399074992399806410&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=c3b97176-fabc-4903-b6f5-a05a7193a4fd

35 B
477 B

17ms
17ms

Image
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=c3b97176-fabc-4903-b6f5-a05a7193a4fd

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 13:30:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=c3b97176-fabc-4903-b6f5-a05a7193a4fd
date: Fri, 01 Oct 2021 13:30:42 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 2399074992399806410
match.contentexchange.me/adform/ Frame E196 0
49 B 97ms
38ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/2399074992399806410?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:42 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame E196
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=2399074992399806410&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2399074992399806410&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2399074992399806410&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=2399074992399806410&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 01 Oct 2021 13:30:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame E196 0
261 B 21ms
18ms Image
text/plain 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2399074992399806410&agencyId=6276&advertiserId=2065158&src=tp&rnd=640791
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:41 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 1533 1 KB
2 KB 34ms
32ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1468283&mt_adid=206701&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2011421&lid=75390617&ctype=0&media=0&PageName=public.websteronline.com%2fcommercial&rnd=1405236464&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2fcommercial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master zrh-pixel-x8 config:1.0.0 /
Resource Hash: d4ac0dbfa81a8ae80a5601a7759f813ff65382bc2ee803dfa62b9cf465281e27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Fri, 01 Oct 2021 13:30:40 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 1533 1 KB
2 KB 49ms
33ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1483032&mt_adid=206701&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2011421&lid=75390617&ctype=0&media=0&PageName=public.websteronline.com%2fcommercial&rnd=1405236464&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2fcommercial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master zrh-pixel-x3 config:1.0.0 /
Resource Hash: d4ac0dbfa81a8ae80a5601a7759f813ff65382bc2ee803dfa62b9cf465281e27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Fri, 01 Oct 2021 13:30:40 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 23DA 631 B
962 B 31ms
18ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=ba1e6157-0d81-4a00-889d-2447b459e3ff&no_iframe=1&mt_adid=206701&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1468283&mt_adid=206701&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Host: pixel.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://a2.adform.net/
Accept-Encoding: gzip, deflate, br
Cookie: uuid=ba1e6157-0d81-4a00-889d-2447b459e3ff
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/

Response headers

Content-Type: text/html
Content-Length: 631
Server: MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 01 Oct 2021 13:30:40 GMT
Date: Fri, 01 Oct 2021 13:30:41 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 1533 43 B
492 B 21ms
21ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2011421&lid=75390617&ctype=0&media=0&PageName=public.websteronline.com%2fcommercial&rnd=1405236464&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2fcommercial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master zrh-pixel-x2 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Oct 2021 13:30:40 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 23DA 43 B
493 B 24ms
24ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=ba1e6157-0d81-4a00-889d-2447b459e3ff&no_iframe=1&mt_adid=206701&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master zrh-pixel-x26 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=ba1e6157-0d81-4a00-889d-2447b459e3ff&no_iframe=1&mt_adid=206701&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 13:30:41 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Oct 2021 13:30:40 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/ 2 KB
1 KB 698ms
102ms Script
text/javascript 13.110.71.224
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?sid=36c1900c-45da-4d33-9a97-4a41012d0f2c&Settings.prefix=Visitor&Settings.buttonIds=[573i00000006sKa]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572i00000006p7P&org_id=00Di0000000byqI&version=40

Requested by

Host: c.la1-c1cs-ord.salesforceliveagent.com
URL: https://c.la1-c1cs-ord.salesforceliveagent.com/content/g/js/40.0/deployment.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.71.224 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg1-c6-iad5.la4-c2-ia5.salesforceliveagent.com

Software

Resource Hash

553e8fba42fb54e05b1afd0b0c5244a48b636978c18927efac85bc6db69baf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2399074992399806410

Verdicts & Comments Add Verdict or Comment

422 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

140 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.websteronline.com/	1970-01-20 06:24:11	Name: WzPyZ2hU Value: A6q5DDx8AQAAX9PDdVublSjHt_p8fTHkB7MdDEe1ppZ5onp3xtbvAnFCLB8RAU4v0B6ucvlowH8AAEB3AAAAAA\|1\|0\|bc7aa6a57b6bc49bbfb4c2e497125b8da65a8771
static.websteronline.com/	1969-12-31 23:59:59	Name: NSC_tibqf_ttm_0_wjq_tubujd Value: ffffffff20fcc05145525d5f4f58455e445a4a42378b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Z5LPtoog4kw
.youtube.com/	1970-01-20 01:57:27	Name: VISITOR_INFO1_LIVE Value: UHblP6-xhsg
.public.websteronline.com/	1970-02-17 11:32:38	Name: consdepapptestgroup Value: Test
.websteronline.com/	1970-01-20 06:23:51	Name: utag_main Value: v_id:017c3c0cbf61001ddb45314bd6fb03072002b06a00b08$_sn:1$_se:1$_ss:1$_st:1633096840865$ses_id:1633095040865%3Bexp-session$_pn:1%3Bexp-session
public.websteronline.com/	1970-01-20 06:23:51	Name: liveagent_oref Value:
.public.websteronline.com/	1969-12-31 23:59:59	Name: cmTPSet Value: Y
.bing.com/	1970-01-20 06:59:51	Name: MUID Value: 0FC6E14DAC096E840478F18EAD626F37
.public.websteronline.com/	1970-01-25 09:02:15	Name: CoreID6 Value: 20517987801916330950410&ci=54290000\|public.websteronline.com
.websteronline.com/	1970-01-19 21:39:41	Name: _uetsid Value: c59313f022bb11ec9b6769050d248498
.websteronline.com/	1970-01-20 06:59:51	Name: _uetvid Value: c59327e022bb11ecbd00694518c44527
.websteronline.com/	1970-01-19 21:39:41	Name: _gid Value: GA1.2.1453144284.1633095041
.websteronline.com/	1970-01-19 23:47:51	Name: _gcl_au Value: 1.1.973716996.1633095041
.websteronline.com/	1970-01-19 23:47:51	Name: _fbp Value: fb.1.1633095041112.863361514
.websteronline.com/	1970-01-20 15:09:27	Name: _ga_79CFNBLNHH Value: GS1.1.1633095041.1.0.1633095041.0
.websteronline.com/	1970-01-20 15:09:27	Name: _ga Value: GA1.1.726170828.1633095041
.facebook.com/	1970-01-19 23:47:51	Name: fr Value: 0Isay2LdRGUdtvIEI..BhVw2B...1.0.BhVw2B.
.rfihub.com/	1970-01-20 06:59:51	Name: rud Value: H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzE0Mze2sLQwMRbiM9QtqyjyLg0ITzbNcLaU4jU0MzY2sDQ1MDE0tDADAEfw0Lc0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzE0Mze2sLQwMRbiM9QtqyjyLg0ITzbNcLYEAOrel3wlAAAA
.adnxs.com/	1970-01-19 23:47:51	Name: uuid2 Value: 8319136382819908135
.doubleclick.net/	1970-01-20 06:59:51	Name: IDE Value: AHWqTUkboq34hPEKV2WrSihDPPjFoMGneEBjKkvhk0gBWTiR4flPuRS0SKlXkEdfyYI
.media.net/	1970-01-20 06:23:51	Name: visitor-id Value: 2760966415631802000V10
.media.net/	1970-01-20 06:22:24	Name: data-rk Value: 2159827874167389843~~3
.media.net/	1970-01-20 02:04:39	Name: gdpr_status Value: 1
.casalemedia.com/	1970-01-20 06:23:51	Name: CMID Value: YVcNgVOQQIJrZB.pt5C88QAA
.casalemedia.com/	1970-01-19 23:47:51	Name: CMPS Value: 3174
.casalemedia.com/	1970-01-19 23:47:51	Name: CMPRO Value: 1121
.casalemedia.com/	1970-01-19 21:39:41	Name: CMST Value: YVcNgWFXDYEA
.demdex.net/	1970-01-20 01:57:27	Name: demdex Value: 40668554678314766864524860920074017292
.eyeota.net/	1970-01-19 21:38:15	Name: SERVERID Value: 18739~DM
.bidswitch.net/	1970-01-20 06:23:51	Name: tuuid Value: eaed8f56-a901-4fe9-838b-15e47d57f76a
.bidswitch.net/	1970-01-20 06:23:51	Name: c Value: 1633095041
.bidswitch.net/	1970-01-20 06:23:51	Name: tuuid_lu Value: 1633095041
.spotxchange.com/	1970-01-20 06:23:55	Name: audience Value: c5c5d7c2-22bb-11ec-8265-12c786060306
.dpm.demdex.net/	1970-01-20 01:57:27	Name: dpm Value: 40668554678314766864524860920074017292
.mathtag.com/	1970-01-20 07:04:10	Name: uuid Value: ba1e6157-0d81-4a00-889d-2447b459e3ff
.krxd.net/	1970-01-20 01:57:27	Name: _kuid_ Value: OZRkgWPs
.adform.net/	1970-01-19 22:22:57	Name: C Value: 1
.public.websteronline.com/	1969-12-31 23:59:59	Name: 54290000_clogin Value: v=1&l=72118581633095041049&e=1633096841494
.everesttech.net/	1970-01-20 06:23:51	Name: everest_g_v2 Value: g_surferid~YVcNgQAFxaJPzAAT
.rfihub.com/	1970-01-20 06:59:51	Name: smd Value: H4sIAAAAAAAAADPiNTQzNjawNDUwMTQ1NgIAAUcHXw8AAAA
www.websteronline.com/	1970-01-19 21:38:15	Name: ADRUM_BTa Value: "R:33\|g:afa758e8-0122-4da0-8a99-3b0d59564098\|n:websterbank-prod_c9374e8c-410c-4c95-b2e2-c260007ca479"
www.websteronline.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 5tBU4Qza9R6gK+eCIpT2TE5n
.websteronline.com/	1969-12-31 23:59:59	Name: WOTCB Value: 4bfc8420-ed23-4278-b109-59fa76e94e68
.websteronline.com/	1969-12-31 23:59:59	Name: WOTCS Value: 8f2b0d0e-fe5a-499b-babc-6d377e9e110e
www.websteronline.com/	1970-01-19 21:38:15	Name: ADRUM_BT1 Value: "R:33\|i:834353\|e:11\|d:8"
www.websteronline.com/	1969-12-31 23:59:59	Name: NSC_JOdcibiich15sktckjvoudeuh21ytbt Value: ffffffff094d1a6445525d5f4f58455e445a4a422970
.adform.net/	1970-01-19 23:04:39	Name: uid Value: 2399074992399806410
.adform.net/	1970-01-19 21:39:41	Name: CM Value: 1\|1
.seadform.net/	1970-01-19 23:04:42	Name: uid Value: 2399074992399806410
.adform.net/	1970-01-19 21:58:24	Name: CM14 Value: 1633181441_1633095041_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.agkn.com/	1970-01-20 06:23:51	Name: ab Value: 0001%3A81g0pbNyLgogjHs0fBHNmSEFk3nG5v0L
.casalemedia.com/	1970-01-20 06:23:51	Name: CMRUM3 Value: 3961570d8127602159827874167389843&6f61570d8127602399074992399806410
.advertising.com/	1970-01-20 06:25:17	Name: APID Value: UPc5f48d6a-22bb-11ec-85d2-061330fd91a8
.adscale.de/	1970-01-20 06:20:31	Name: uu Value: 2f96680f87164280a495f58dbf3234a2
.adscale.de/	1970-01-20 06:20:31	Name: cct Value: 1633095041704
.ih.adscale.de/	1970-01-20 06:20:31	Name: tu Value: 4#1184842718#42~2399074992399806410~453637~0~0
.360yield.com/	1970-01-19 23:47:51	Name: tuuid Value: 6c8ae49b-2333-49fd-9126-d633e480b01f
.360yield.com/	1970-01-19 23:47:51	Name: tuuid_lu Value: 1633095041
.yieldlab.net/	1970-01-20 06:23:51	Name: id Value: ede7520f-b8d6-4a07-ae21-2af694efcb4c
.mathtag.com/	1970-01-19 22:21:27	Name: mt_misc Value: mt_bt:1
ads.stickyadstv.com/	1970-01-19 23:04:39	Name: uid-bp-617 Value: 2399074992399806410
ads.stickyadstv.com/	1970-01-19 22:21:27	Name: UID Value: b615ba56d87ede99f2f6ccd8fa214a8
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 3357b7f23b2838d4fd63ae934051bd
public.websteronline.com/	1969-12-31 23:59:59	Name: liveagent_sid Value: 36c1900c-45da-4d33-9a97-4a41012d0f2c
.openx.net/	1970-01-20 06:23:51	Name: i Value: a562d00d-65eb-4ba4-bbe6-e05f8049268f\|1633095041
public.websteronline.com/	1970-01-20 06:23:51	Name: liveagent_vc Value: 2
public.websteronline.com/	1970-01-20 06:23:51	Name: liveagent_ptid Value: 36c1900c-45da-4d33-9a97-4a41012d0f2c
.yahoo.com/	1970-01-20 06:24:12	Name: A3 Value: d=AQABBIENV2ECELHyLNCeysns7LJebdLM8wUFEgEBAQFfWGFgYQAAAAAA_eMAAA&S=AQAAAu2gUM1snE3G_GSDrBSMYwg
.exelator.com/	1970-01-20 00:31:03	Name: EE Value: "ca917d20fde0a023c558c6f172ed3e75"
.analytics.yahoo.com/	1970-01-20 06:25:17	Name: IDSYNC Value: 1760~20pp
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPc5f48d6a-22bb-11ec-85d2-061330fd91a8
.yahoo.com/	1970-01-19 21:39:41	Name: APIDTS Value: 1633095041
cm.mgid.com/	1970-01-19 22:21:27	Name: mg_sync Value: {"433145":1633095041}
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l91F3wJ6iPu6
.mgid.com/	1970-01-19 21:38:16	Name: __cf_bm Value: ZLqRb3vWZ8MgU5vIjP3howMFNI7Kxq78yn2ji_C44Co-1633095041-0-AbaRDnsI13ZSq+Ih58C72hV0rGikL5O/w2iUFzJfCmS6FbUvzieV+YZS7rjs1gK8CbNqtC6rdqP0kzUrbmAEqs0=
.onaudience.com/	1970-01-20 06:23:51	Name: cookie Value: 5c15600f1eeef9ba
.onaudience.com/	1970-01-19 21:39:41	Name: done_redirects161 Value: 1
.semasio.net/	1970-01-20 06:23:51	Name: SEUNCY Value: A752D3A170DE237A
cm.adsafety.net/	1970-01-20 06:23:51	Name: UID Value: CM120211001139697fdcc636b7ce5f83
.adsafety.net/	1970-01-20 06:23:51	Name: cm_uid Value: CM120211001139697fdcc636b7ce5f83
.exelator.com/	1970-01-20 00:31:03	Name: ud Value: "eJxrXxzq6XKLQSE50dLQPMXIIC0l1SDRwMg42dTUItkszdDcKDXFONXcdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ4SX5RZvoiF9fFRSlpDItKik8F75NjAwCNXyl1"
.adnxs.com/	1970-01-19 23:47:51	Name: anj Value: dTM7k!M4/0F7/.XF']wIg2Hb:H=$Xx!@wnfH8KAM.xpH^Gm16tFopSnD?bSkEt?IsFopM'htGsyVpT`TsQ.v:c-jD=4tE1)5y3dsx78e9aPb0Di:pXstGt!@G>U*X198
tags.adsafety.net/	1970-01-20 06:23:51	Name: UID Value: fb9a0faa67cee5ad00fddd33816ea81d
tags.adsafety.net/	1970-01-20 06:23:51	Name: DID Value: fb9a0faa67cee5ad00fddd33816ea81d
tags.adsafety.net/	1970-01-20 06:23:51	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 06:23:51	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-19 22:21:27	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 06:23:51	Name: ct_uid Value: fb9a0faa67cee5ad00fddd33816ea81d
.adsafety.net/	1970-01-20 06:23:51	Name: ct_did Value: fb9a0faa67cee5ad00fddd33816ea81d
.adsafety.net/	1970-01-20 06:23:51	Name: ct_idt Value: 100
cm.adsafety.net/	1970-01-20 06:23:51	Name: permanent Value: 1
.crwdcntrl.net/	1970-01-20 04:07:01	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:07:01	Name: _cc_id Value: 5e8e95280d2e0120a5161ad4546374fb
.crwdcntrl.net/	1970-01-20 04:07:03	Name: _cc_cc Value: "ACZ4XmNQME21SLU0NbIwSDFKNTA0Mkg0NTQzTEwxMTUxMzY3SUtiAILEcN5GEA0FADkfCZA%3D"
.crwdcntrl.net/	1970-01-20 04:07:03	Name: _cc_aud Value: "ABR4XmNgYGBIDOdtBFJQAAAP8gFH"
.pubmatic.com/	1970-01-19 22:21:27	Name: KRTBCOOKIE_391 Value: 22924-2399074992399806410&KRTB&23263-2399074992399806410
.pubmatic.com/	1970-01-19 22:21:27	Name: PugT Value: 1633095041
.pubmatic.com/	1970-01-19 23:47:51	Name: PUBMDCID Value: 3
ads.smartstream.tv/	1970-01-20 06:23:51	Name: DID Value: fb9a0faa67cee5ad00fddd33816ea81d
ads.smartstream.tv/	1970-01-20 06:23:51	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 06:23:51	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-19 22:21:27	Name: cm_uid Value: CM120211001139697fdcc636b7ce5f83
.adfarm1.adition.com/	1970-01-19 23:47:51	Name: UserID1 Value: 7014089792373192843
.w55c.net/	1970-01-20 07:08:29	Name: wfivefivec Value: DFb0jSI41MwiCB5
.w55c.net/	1970-01-19 22:21:27	Name: matchadform Value: 5
.id5-sync.com/	1970-01-19 21:38:15	Name: cf Value:
.id5-sync.com/	1970-01-19 21:38:15	Name: cip Value:
.id5-sync.com/	1970-01-19 21:38:15	Name: cnac Value:
.id5-sync.com/	1970-01-19 21:38:15	Name: car Value:
.id5-sync.com/	1970-01-19 21:38:15	Name: gdpr Value:
.id5-sync.com/	1970-01-19 21:38:15	Name: callback Value:
.id5-sync.com/	1970-01-19 23:47:51	Name: id5 Value: 763569fc-f322-4895-9da7-14d940c8a052#1633095041934#2
cm.adsafety.net/	1970-01-20 06:23:51	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaM0JoR1RlMHRIcjJ6RkxaSmxpdjZkZWtid1QydUt4TnZra1hYS09QOXQ2R0VDbWxLUkUyTVgyTGhOQnBQTm81eDljTTNFc0tCakxtOUh0TzQ2ZFNCaDZKTmdVZXlneVY4NzBobXZFYlYvbXhvcW1Ca3gvR1JZYVJXd3lEWllLemNidm5ta0ZlOE14ZkplQTZQcDVDRkJrOGE4UTFvWk50Q2xoWTh2ODlvMStrVGJ1VE93K2cwZ3ZoWlhFZ25FSkNVOXgzY0V1K1psVVVNTlYycmRGZk12eTJZMFYwSSs0SU5YQ2pLS2dtVWpOUWx5cDg4LzVCTHFFdFh2eXEwaTNhUTBkdHNQVWtGWStQMlFyR1dmUG8vd01lSkx3TWgrZXhDYU5aS2E4K0EzYUltZGlQOWdtL2gvRk9iUm5FdXhQbkVHdGk3cmpReVg5RzBsVDhJUlhTVU5UcmtJMEVpbXhjcE1oWEVSTjZsQWllLzk5REg3QStBMVpiZjJmNDliQUh0Z3ZSd1B3dGpVVXoyZmZTbUFmaTBWU1FqR1FwcHFpVWsrRXExdDhsYXRIbndjblk1U2RBM1JVNW1aMFlqS0VrQWQzWXBLQVpoQkRKVzFOZ2NxVFByTzlPM2lIWVpMejdGWXFtSEVIamlTazhnMTZ3cWJRc0VLYjU1M3ord0oyMFRsZllKUWEzVzM2N1lTSkt6R3dtbVlVZmFIWmNOOHdXMDRkVmFnM3Z0QlVKWEhVTWFKT05HRmh2RmF4RDVKTTUybEc2THpKdDc4dXl3VjBycXJJYUxrU2wxRGVJUjRXZFgzRTR2ZCsxS3oybGRFbW1aUlhKb2NocHg2VHFHb2JJRHArdnN5UWp2WDJKb3lNSTk0enJScHEyVGpRbXR2RzBsTXBiNHdlc0JPSUFra0duclZ2Rng3cDhYZ2RFTFh0Q0hsYTUrU3ZkRjVSTjBPNElxQWtrUUlGMG85ZmlrLy9XbXBUc3dYQisyN0xxbVk1NHNjTjlOVG9zY1ZLV3NyZFQ0VXQ3a0U0aVROcVg2bDJnMFIzcmhxU1NrYmptdExJeURvbGFENzJrUXluWDlkSkwydmlsUkxXTXlrZ1liWWlCc2c9PQ%3D%3D
.360yield.com/	1970-01-19 23:47:51	Name: um Value: !42,PcPU8DAqr2Uc7W.fRvrJAWSfHNwRxI1fU11aCY.kEUbJ,1634304641!79,uEgYuYvk35iKSo.ykHH7-rabavPQduIIVIST.Mr.An64SKMRFvq0.zU7S3U7JRshSxl-ZYrAkS9t0HyK,1640871041
.360yield.com/	1970-01-19 23:47:51	Name: umeh Value: !42,0,1695303041,-1!79,0,1695303041,-1
.adsrvr.org/	1970-01-20 06:23:51	Name: TDID Value: 8ed5d710-500f-40cc-a3bd-77166f1e176a
.adsrvr.org/	1970-01-20 06:23:51	Name: TDCPM Value: CAEYBSABKAIyCwi27cbWzLqCOhAFOAE.
.bluekai.com/	1970-01-20 01:57:27	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 01:57:27	Name: bkpa Value: KJpEnXTLu5DlBMRt1nnwEnWN1gS6Be9lLqxW1uy1pWy1exYKu9Cs
.bluekai.com/	1970-01-20 01:57:27	Name: bku Value: aG/99/WBPtahTuX3
.1dmp.io/	1970-01-20 06:23:51	Name: uid Value: c6264bb0-22bb-11ec-a15e-901b0e8d6a9d
.weborama.fr/	1970-01-20 07:09:55	Name: AFFICHE_W Value: 4feWFsL@tK-h52
.3lift.com/	1970-01-19 23:47:51	Name: tluid Value: 13060494939766056876
.tapad.com/	1970-01-19 23:04:39	Name: TapAd_TS Value: 1633095042056
.tapad.com/	1970-01-19 23:04:39	Name: TapAd_DID Value: c3b97176-fabc-4903-b6f5-a05a7193a4fd
.tapad.com/	1970-01-19 23:04:39	Name: TapAd_3WAY_SYNCS Value:
.audrte.com/	1969-12-31 23:59:59	Name: arcki2 Value: b0djvdAhlSVQ9Gfb8CpukGrag!20210804!1633095042206
.audrte.com/	1969-12-31 23:59:59	Name: arcki2_TT Value: 1633095042206!b0djvdAhlSVQ9Gfb8CpukGrag!6c6fe68e-4096-4245-a5f4-4f251c100ba4#77d4dda7-7f93-4267-9481-9ec318443f55#b886542f-b1d3-4c85-99eb-299da71db0a7#86ca7665-9571-4a40-9d8d-30902c2c3261#c7f58d5f-beff-3ab5-889e-6ea6d7362a24#d8f33930-8f86-3280-9de5-4ae60c567205#62a4bee6-d424-3b63-a654-0540990bf4ab#bf13046b-c3e0-31f6-acd5-267f7d82e2b6#f9b7e21e-4a29-4602-a92a-b851d7a073ea!adform#ddp
.mediarithmics.com/	1970-01-20 06:23:51	Name: mics_vid Value: 21168907242
.mediarithmics.com/	1970-01-20 06:23:51	Name: mics_uaid Value: web:1:bdcfb2b7-feb9-45ed-bd07-fb2a66350724
.mediarithmics.com/	1970-01-20 06:23:51	Name: mics_lts Value: 1633095042296
.id5-sync.com/	1970-01-19 23:47:51	Name: 3pi Value: 18#1633095042391#-1707072418\|10#1633095041944#-1103975390#2399074992399806410\|124#1633095041968#267034160
.rezync.com/	1970-01-20 01:57:01	Name: zync-uuid Value: 2f00fe3a-4464-4214-aceb-c72708b698d4:1633095043.06
live.rezync.com/	1970-01-20 06:59:51	Name: sd-session-id Value: .eJwVysEKgjAYAOBXif_sQZfmFDpEmgT9E6GQeZGyHbbUwk2kie-eHT_4Zqg_YujuvegNxGYYhQNNK1dpiGfQ0nbiBTEQL4goCWnoe7twSyPqb2FxQAut5buv5fO_N491YscnzKoWSWpYUhB2dF1UqXspT6oqz4bb5svsweeKB3lWuLlKCVqc8uttYgmOmPA9LMsPlx8wXQ.FDifAw.By_XKQ_4C-FdmWDFUgNUp9M3Cew
.rfihub.com/	1970-01-20 06:59:51	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dTEpSEsyKw93Ky4xsDQN8o8sjMg1dFXiVIl38o4PDfV0CeI1NDM2BsoZmBgamxhlIXFNzCxmMSLxDS0sV6HxT6HxX6Hxf6HxJzGh8meh8Reh8Veh8Teh8Xehq2dB5d9C4y9iFYgMS_ZLD3R0q0j0CqhydAxZxYqkxNTYcBMrmhXcaF5C408SNjJKMzBISzVO1DUxMTPRNTEyNNFNTE5N0k02NzI3sEgys7RIMbGCazLWMzCbJYwwxMTY1GiRMKqhj9D4AIKKMNnPAQAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dTEpSEsyKw93Ky4xsDQN8o8sjMg1dFXiVIl38o4PDfV0WcUoEBmW7Jce6OhWkegVUOXoGNLEYmSUZmCQlmqcqGtiYmaia2JkaKKbmJyapJtsbmRuYJFkZmmRYmJlaGZsDDTUwMRYz8AMACuyUB1xAAAA
.rlcdn.com/	1970-01-20 06:23:51	Name: rlas3 Value: 93WLN21y5sIdeKhs3HPLWmdYY8FjXhfESPEdwQP3se4=
.rlcdn.com/	1970-01-19 23:04:39	Name: pxrc Value: CISb3IoGEgYIuuoBEAA=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://di.rlcdn.com/468366.html?pdata=page_id%3DCOMMERCIAL Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2399074992399806410 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2399074992399806410 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'unsafe-inline' 'unsafe-eval' 'self' data: https:; report-uri /report-csp-violation
Strict-Transport-Security	max-age=1000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20825635p.rfihub.com
a.audrte.com
a.rfihub.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
bam-cell.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c.la1-c1cs-ord.salesforceliveagent.com
c1.adform.net
c1.rfihub.net
click.email.websterbank.com
cm.adsafety.net
cm.g.doubleclick.net
cm.mgid.com
cm.smartstream.tv
connect.facebook.net
contextual.media.net
cookie-matching.mediarithmics.com
d.la1-c2-ord.salesforceliveagent.com
d.la4-c2-ia5.salesforceliveagent.com
data.coremetrics.com
di.rlcdn.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js-agent.newrelic.com
libs.coremetrics.com
live.rezync.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
p.rfihub.com
p.typekit.net
partners.tremorhub.com
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
public.websteronline.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
simage2.pubmatic.com
stags.bluekai.com
static.websteronline.com
sync-tm.everesttech.net
sync.1dmp.io
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
tags.tiqcdn.com
tmscdn.coremetrics.com
tn.alphonso.tv
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.websteronline.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
global.ib-ibi.com
104.111.215.191
104.111.218.85
104.111.227.33
104.111.242.245
104.19.134.78
104.75.88.194
12.216.193.68
12.216.193.69
13.108.250.6
13.108.251.135
13.110.71.224
13.111.23.189
13.225.87.126
13.225.87.93
13.248.245.213
130.211.141.45
139.162.146.37
142.250.181.226
142.250.186.130
145.239.1.221
146.59.148.16
151.101.130.137
151.101.2.49
162.247.243.146
164.132.158.126
18.158.92.16
18.184.95.242
184.30.24.22
185.167.164.51
185.64.190.80
185.86.138.144
185.94.180.126
193.0.160.128
2.18.233.201
2.18.234.21
2.18.234.233
2600:1f18:612b:4200:787a:99c3:22c2:11ca
2600:9000:20eb:0:1b:5138:8a40:93a1
2600:9000:21f3:9400:1:76cf:fe80:93a1
2620:1ec:c11::200
2a00:1450:4001:802::2008
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2004
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a02:6ea0:c700::11
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.123.161.47
3.124.210.90
3.126.56.137
3.127.92.82
3.211.82.118
3.218.70.254
34.254.143.3
35.157.138.20
35.157.2.63
35.190.16.14
35.227.248.159
35.244.159.8
35.244.174.68
37.157.5.71
37.157.6.245
37.157.6.247
37.252.172.250
37.252.172.36
46.19.11.36
51.75.146.199
51.77.65.171
52.18.85.49
52.208.103.128
52.211.146.69
52.218.80.20
52.57.38.160
52.86.83.177
54.195.112.3
54.224.36.233
69.173.144.138
69.173.144.139
76.223.111.131
77.243.60.138
80.85.85.173
85.114.159.118
88.99.149.88
010197d1993c80fa2d28758f166043e0eace7c062d11df8a4bcb342fa8755b53
083d99083eadbee042030cf8b82b1eaff6a874255778d1a3e2de9699145f3ea4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0bb801749c446285c0e8eec7b9ea1a8d6bb541f72ab355312a3fa1bb89d7d166
0e05fe03476c4fa05670a29e7e373fa0cd6ae5fc43ad62c76938a7dd7d0625a4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
157bca22e7401293105191b158564103237f7a69d3ccfd77fa6bbb774d83e72d
18062e25088f85dc10a1c46ff6adb373eba4d251654e3de4f5fbbd9d9a0679e2
19f1ea9021842f1be1cd11238a6ca7402eef0688a3ba2805a94e20a41e80e71f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c43689cf0a6dc2d847151a6f657bcf30ab6e3e4e2c081d857e727986b2e03ee
1c7f2d633070725e049d7fc574ef317845ac659d72c34bc12f0b34f15d3291dd
244ab27d5c470e357844e3d5e6c6538cbce399e208aa95ad1b7ee6a59ed31b91
25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31
266df72df542725c4d3db716f11d400d72479dff9527e4b825629ae8574cfdd8
29cbbc904491419df6072fa909da83136461831a5f8f91a2d8344c53cabd0c8c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37b0b955d1f0071245128ed807bcb37c5f2e39fc7983d4c189e21ea26d93e7a6
395da7cf98677da7ab8edecad7a879129bcf1789f34a1aeb9347271424461e64
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
3ca7887d231b8860ac5507d3ffb022394f641acc9d27d517da757219e25bb98a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4ae9a2717aee3cb40ae99969f9aac52eb3f8f5297c4836b99f0c396be5b944b2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
53f380c56bc5d70c9b49ba3f08c818058caed287bf1a65e685cf859a8cc9a96b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f8f5550a15f521dd22a18594ae28ca2d23a1b0ed3f3a27b313beecf0c668c2
553e8fba42fb54e05b1afd0b0c5244a48b636978c18927efac85bc6db69baf5f
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
57ce46084c4c06e56db539cc29126d3f06501c22b64a3481120e08de9b24fec0
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5bed3586512ba82fb13f31fedb6c3845394690aec1099cd35e65d12e57ca191b
6310e29c0832c9065fb32d11d1a69f1b75074f6366ffe66587b08c2efe3f6468
6929a754f1dcd8b867ded7df19adc22478cfee4ce691ff0a0e6cc76e59580ccf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f84d48852a251c7a2e8715153e43acf6e361eddb8c2f0cd93aa88a15bf501f4
7de02cc350bdc0845200d5e28187a5ab4832496cfa22be90a4de09d1b8909488
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b
80eb5bb22c350b6e7d6b0d133860eb4ed3cb91a3b8cd301ac00f2aecef47c903
824ecb6b2f92c70d5436b7530780c36547ce69a2b66aa965b72a2641047b8e82
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8568a11261bf9bac917778c5c49b437ed0e4bdad992048e9fd29972f39360dd8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c5274aec9c4a656a085eda895e156d03470903630f25ba353abb0914fa2061c
8d4fade4cf73e523b8c0150dc8b015a203c3b8aa69e061fec77850b0f7a96e5b
9341bc8a0564ea2d04a9f6eb2b29654f9f91d7bc6e1123e3c4557358bffbd879
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ab106bc0856b9a53e98dcfd530d1a25488a6fd46066e04f0fccecae2764167f
9b536bd20b8743a0605e63afefdb6ef5e7429e36d6fff910d530145e06743d6a
9bd20ff362a87f1b42989e3a1b21e2197f8ebe51e7df4406f8b15d580b0ab50a
a03c3f062878145314ee8deadffe96a9c3c5adad130c2d6f6c4c8a8ddebbff0f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1b295ca39f3510a1dd3e4e1770c45b437e1927f99883352ad6f2ee72d44181b
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a5bb984e626d25be3d71487881938564b13f6b43f80891f25c6b04a772328e08
a9f277261030fc350875f351bc5ea5cbde683d28eff1ec5800b1a0162b0fe464
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7bec3f0f0aa19fcfcd6df4663f7c636014a6e881f49087a454c0501575b96ce
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4b585618df4ba112fec9f8e2de393a31e0d2031f84a0eae37fe29c6a24e086
bf1573e9be3dbbd3d7c148a5008989068f879e7146f99ae4bcb1ddfd0df4e769
c421bd0ab6e93ad6d5a14be207226ea49d5c7abe6579574a84e12caa68cf8460
c5b1562fba8ccf5b8138a0fc9a7fdbc0397bee469df7e99f96921aea74305ce0
c642c7ca52f6c1109ae4f95cc996868b27c2aa5d230bb2fae8b73969093eac17
ca793767914443217c2ccdd3860b99bc7fbc463643b98b52b0c85a540013f204
cb25d90d09a4de0c2216b8f51ba557483481c64c909abe791fc58d69a3d5c8f4
cc26b447d58c97a03b34a25d18020a210cb7b1869175fc768314cce874a6866b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2f65b5b23c8346bf2a6a561789dd547803405f7291e517798c2f048dd0e7318
d4ac0dbfa81a8ae80a5601a7759f813ff65382bc2ee803dfa62b9cf465281e27
d9a0dc5b4fbf20b70aab7763c674403b3c90917d87260ff66fbd8ba82a136adf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df5b10fbcfca5d22836e9a7ef86c2011d99ff5845e978b1861d54990aff42910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d09fc0364013f1df6ceef76b4c1981fc345faefa2090aef85765c2db44b925
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc84783941b9e95742edc7be7d4135d6755f2c5d931dec73837f452698fab5b
f703617946f9773e55cfb1a7a3f93cbe30ff22a4884d80ccdd9ec3b2d511d5fd
f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

public.websteronline.com Open in urlscan Pro 3.218.70.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

99 %HTTPS

18 %IPv6

76 Domains

98 Subdomains

71 IPs

9 Countries

1810 kBTransfer

4325 kBSize

140 Cookies

11 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

public.websteronline.com Open in urlscan Pro
3.218.70.254 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

99 %
HTTPS

18 %
IPv6

76
Domains

98
Subdomains

71
IPs

9
Countries

1810 kB
Transfer

4325 kB
Size

140
Cookies

144 HTTP transactions
1 data transactions