urlscan.io logo urlscan.io
SecurityTrails logo

signonvscreen-go.webcindario.com Open in urlscan Pro
5.57.226.202  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbee...
Submission: On March 30 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 8 countries across 46 domains to perform 161 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks - StackScale, ES. The main domain is signonvscreen-go.webcindario.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 16th 2019. Valid for: 3 months.
This is the only time signonvscreen-go.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

IP Address AS Autonomous System
5 5.57.226.202 29119 (SERVIHOST...)
4 2a00:1450:400... 15169 (GOOGLE)
2 3.17.116.255 16509 (AMAZON-02)
1 185.103.39.29 29119 (SERVIHOST...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 205.185.216.10 20446 (HIGHWINDS3)
5 146.20.133.47 27357 (RACKSPACE)
8 146.20.129.103 27357 (RACKSPACE)
2 146.20.133.41 27357 (RACKSPACE)
12 51.68.180.203 16276 (OVH)
8 146.20.129.113 27357 (RACKSPACE)
1 2600:9000:200... 16509 (AMAZON-02)
4 8 104.111.214.103 16625 (AKAMAI-AS)
6 185.28.138.14 197541 (VIDEOPLAZ...)
16 2a00:1450:400... 15169 (GOOGLE)
1 52.23.95.206 14618 (AMAZON-AES)
5 185.94.180.123 35220 (SPOTX-AMS)
1 8 185.86.137.42 201081 (SMARTADSE...)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
11 2.18.233.180 16625 (AKAMAI-AS)
2 185.64.189.111 62713 (AS-PUBMATIC)
1 37.59.34.134 16276 (OVH)
1 3.93.230.61 14618 (AMAZON-AES)
1 1 54.154.201.99 16509 (AMAZON-02)
14 146.20.129.120 27357 (RACKSPACE)
6 6 52.215.24.84 16509 (AMAZON-02)
1 51.77.128.18 16276 (OVH)
1 104.111.241.32 16625 (AKAMAI-AS)
1 54.247.70.45 16509 (AMAZON-02)
1 1 54.85.109.204 14618 (AMAZON-AES)
1 1 52.5.0.37 14618 (AMAZON-AES)
1 1 46.228.164.13 56396 (TURN)
1 2 54.154.86.186 16509 (AMAZON-02)
2 2 173.241.240.143 36089 (OPENX-AS1)
6 6 151.101.2.49 54113 (FASTLY)
2 2 151.101.192.166 54113 (FASTLY)
1 34.95.92.78 15169 (GOOGLE)
1 1 172.217.18.162 15169 (GOOGLE)
1 1 104.17.119.107 13335 (CLOUDFLAR...)
2 2 185.33.223.216 29990 (ASN-APPNEXUS)
1 1 67.226.210.14 395486 (TREMOR-VIDEO)
3 5 185.64.189.216 62713 (AS-PUBMATIC)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 185.64.189.114 62713 (AS-PUBMATIC)
1 1 2001:4860:480... 15169 (GOOGLE)
1 1 91.228.74.213 27281 (QUANTCAST)
1 1 185.29.135.48 30419 (MEDIAMATH...)
1 69.16.175.42 20446 (HIGHWINDS3)
1 2a00:1288:7c:... 43428 (YAHOO-ULS)
161 40
5    5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES)
signonvscreen-go.webcindario.com
4    2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
2    3.17.116.255 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-17-116-255.us-east-2.compute.amazonaws.com
ads.vidoomy.com
1    185.103.39.29 (Netherlands)

ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES)
static.addevweb.com
1    2606:4700:20::6819:ce08 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hosting.miarroba.info
1    2a00:1450:4001:820::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:806::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
6    2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
3    2a00:1450:4001:824::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:400c:c0c::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:816::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:814::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
5    205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
ad.lkqd.net
5    146.20.133.47 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
v.lkqd.net
8    146.20.129.103 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
t.lkqd.net
2    146.20.133.41 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
v.lkqd.net
12    51.68.180.203 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3125521.ip-51-68-180.eu
static.sunmedia.tv
track.sunmedia.tv
8    146.20.129.113 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
t.lkqd.net
1    2600:9000:200d:e600:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
js.agkn.com
8    104.111.214.103 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
6    185.28.138.14 (Sweden)

ASN197541 (VIDEOPLAZA-AS, SE)
PTR: stc-185-28-138.videoplaza.net
es-sunicontent.videoplaza.tv
mx-sunmedia.videoplaza.tv
16    2a00:1450:4001:825::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
imasdk.googleapis.com
1    52.23.95.206 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-23-95-206.compute-1.amazonaws.com
d.agkn.com
5    185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
search.spotxchange.com
8    185.86.137.42 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
5    2a00:1450:4001:818::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
5    2a00:1450:4001:81d::2006 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
s0.2mdn.net
11    2.18.233.180 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
2    185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
vid.pubmatic.com
1    37.59.34.134 (France)

ASN16276 (OVH, FR)
PTR: eu.srv001.richaudience.com
s.richaudience.com
1    3.93.230.61 (Fairfield, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-93-230-61.compute-1.amazonaws.com
rtb.adentifi.com
1    54.154.201.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-201-99.eu-west-1.compute.amazonaws.com
match.adsrvr.org
14    146.20.129.120 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
cs.lkqd.net
6    52.215.24.84 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-24-84.eu-west-1.compute.amazonaws.com
sync.tidaltv.com
1    51.77.128.18 (United Kingdom)

ASN16276 (OVH, FR)
PTR: proxy0391.eu3.dynfactory.com
gu.dyntrk.com
1    104.111.241.32 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    54.247.70.45 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-70-45.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    54.85.109.204 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
track.eyeviewads.com
1    52.5.0.37 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
pixeltrack.eyeviewads.com
1    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
2    54.154.86.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-86-186.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
us-u.openx.net
6    151.101.2.49 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
sync-tm.everesttech.net
2    151.101.192.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
bh.contextweb.com
1    34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com
idsync.rlcdn.com
1    172.217.18.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f2.1e100.net
cm.g.doubleclick.net
1    104.17.119.107 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cookie.brealtime.com
2    185.33.223.216 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
secure.adnxs.com
1    67.226.210.14 (United States)

ASN395486 (TREMOR-VIDEO - Tremor Video DSP, Inc, US)
PTR: nginx14.iad1.videohub.tv
dt-secure.videohub.tv
5    185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image8.pubmatic.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image2.pubmatic.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image4.pubmatic.com
1    2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE - Google LLC, US)
x.mdhv.io
1    91.228.74.213 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
cms.quantserve.com
1    185.29.135.48 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
sync.mathtag.com
1    69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: tlb.hwcdn.net
vpaid.springserve.net
1    2a00:1288:7c:800::4000 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)
cdn-ssl.vidible.tv
Apex Domain
Subdomains		 Transfer
42 lkqd.net
ad.lkqd.net
v.lkqd.net
t.lkqd.net
cs.lkqd.net Failed
304 KB
21 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
334 KB
16 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
409 KB
12 sunmedia.tv
static.sunmedia.tv
track.sunmedia.tv
19 KB
9 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
187 KB
8 smartadserver.com
www8.smartadserver.com
9 KB
8 scorecardresearch.com
sb.scorecardresearch.com
5 KB
7 google.com
adservice.google.com
www.google.com
1 KB
6 everesttech.net
sync-tm.everesttech.net
3 KB
6 tidaltv.com
sync.tidaltv.com
3 KB
6 videoplaza.tv
es-sunicontent.videoplaza.tv
mx-sunmedia.videoplaza.tv
13 KB
5 2mdn.net
s0.2mdn.net
42 KB
5 spotxchange.com
search.spotxchange.com
6 KB
5 webcindario.com
signonvscreen-go.webcindario.com
122 KB
4 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
293 B
2 adnxs.com
secure.adnxs.com
ib.adnxs.com Failed
2 KB
2 contextweb.com
bh.contextweb.com
2 KB
2 openx.net
us-u.openx.net
770 B
2 demdex.net
dpm.demdex.net
1 KB
2 eyeviewads.com
track.eyeviewads.com
pixeltrack.eyeviewads.com
577 B
2 agkn.com
js.agkn.com
d.agkn.com
3 KB
2 google.de
adservice.google.de
www.google.de
590 B
2 google-analytics.com
www.google-analytics.com
17 KB
2 vidoomy.com
ads.vidoomy.com
4 KB
1 vidible.tv
cdn-ssl.vidible.tv
13 KB
1 springserve.net
vpaid.springserve.net
90 KB
1 mathtag.com
sync.mathtag.com
453 B
1 quantserve.com
cms.quantserve.com
646 B
1 mdhv.io
x.mdhv.io
219 B
1 videohub.tv
dt-secure.videohub.tv
504 B
1 brealtime.com
cookie.brealtime.com
551 B
1 rlcdn.com
idsync.rlcdn.com
62 B
1 turn.com
d.turn.com
492 B
1 krxd.net
beacon.krxd.net
453 B
1 bluekai.com
stags.bluekai.com
655 B
1 dyntrk.com
gu.dyntrk.com
215 B
1 adsrvr.org
match.adsrvr.org
497 B
1 adentifi.com
rtb.adentifi.com
88 B
1 richaudience.com
s.richaudience.com
357 B
1 googletagservices.com
www.googletagservices.com
28 KB
1 googletagmanager.com
www.googletagmanager.com
18 KB
1 miarroba.info
hosting.miarroba.info
426 B
1 addevweb.com
static.addevweb.com
39 KB
0 spotx.tv Failed
js.spotx.tv Failed
0 loopme.me Failed
csync.loopme.me Failed
0 sabio.us Failed
media.sabio.us Failed
161 46
Domain Requested by
16 t.lkqd.net ad.lkqd.net
signonvscreen-go.webcindario.com
15 imasdk.googleapis.com static.addevweb.com
imasdk.googleapis.com
14 cs.lkqd.net
9 static.sunmedia.tv static.addevweb.com
8 www8.smartadserver.com 1 redirects static.addevweb.com
8 sb.scorecardresearch.com 4 redirects signonvscreen-go.webcindario.com
7 v.lkqd.net ad.lkqd.net
6 sync-tm.everesttech.net 6 redirects
6 sync.tidaltv.com 6 redirects
6 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
5 image8.pubmatic.com 3 redirects
5 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.net
blank
5 s0.2mdn.net imasdk.googleapis.com
5 tpc.googlesyndication.com static.addevweb.com
5 search.spotxchange.com static.addevweb.com
5 es-sunicontent.videoplaza.tv static.addevweb.com
5 ad.lkqd.net ads.vidoomy.com
ad.lkqd.net
5 signonvscreen-go.webcindario.com signonvscreen-go.webcindario.com
4 ads.pubmatic.com vpaid.pubmatic.com
4 pagead2.googlesyndication.com signonvscreen-go.webcindario.com
pagead2.googlesyndication.com
3 track.sunmedia.tv
2 image2.pubmatic.com 2 redirects
2 secure.adnxs.com 2 redirects
2 bh.contextweb.com 2 redirects
2 us-u.openx.net 2 redirects
2 dpm.demdex.net 1 redirects
2 aktrack.pubmatic.com
2 vid.pubmatic.com vpaid.pubmatic.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 ads.vidoomy.com signonvscreen-go.webcindario.com
1 cdn-ssl.vidible.tv vpaid.springserve.net
1 vpaid.springserve.net ad.lkqd.net
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com 1 redirects
1 x.mdhv.io 1 redirects
1 image4.pubmatic.com 1 redirects
1 dt-secure.videohub.tv 1 redirects
1 cookie.brealtime.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 idsync.rlcdn.com
1 d.turn.com 1 redirects
1 pixeltrack.eyeviewads.com 1 redirects
1 track.eyeviewads.com 1 redirects
1 beacon.krxd.net
1 stags.bluekai.com
1 gu.dyntrk.com
1 match.adsrvr.org 1 redirects
1 rtb.adentifi.com
1 s.richaudience.com static.addevweb.com
1 mx-sunmedia.videoplaza.tv static.addevweb.com
1 d.agkn.com js.agkn.com
1 fonts.googleapis.com
1 js.agkn.com signonvscreen-go.webcindario.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 www.google.de signonvscreen-go.webcindario.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 adservice.google.de pagead2.googlesyndication.com
1 www.googletagmanager.com signonvscreen-go.webcindario.com
1 hosting.miarroba.info signonvscreen-go.webcindario.com
1 static.addevweb.com signonvscreen-go.webcindario.com
0 js.spotx.tv Failed vpaid.springserve.net
0 ib.adnxs.com Failed vpaid.springserve.net
0 csync.loopme.me Failed
0 media.sabio.us Failed
161 66

This site contains no links.

Subject Issuer Validity Valid
webcindario.com
Let's Encrypt Authority X3		 2019-01-16 -
2019-04-16		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.vidoomy.com
Don Dominio / MrDomain RSA DV CA		 2018-10-18 -
2019-10-18		 a year crt.sh
*.addevweb.com
COMODO RSA Domain Validation Secure Server CA		 2017-09-11 -
2019-09-11		 2 years crt.sh
ssl391079.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-13 -
2019-09-19		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.lkqd.net
Go Daddy Secure Certificate Authority - G2		 2016-05-31 -
2019-07-12		 3 years crt.sh
*.sunmedia.tv
COMODO RSA Domain Validation Secure Server CA		 2018-01-19 -
2021-01-18		 3 years crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2018-06-21 -
2020-09-16		 2 years crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.videoplaza.tv
Go Daddy Secure Certificate Authority - G2		 2019-02-19 -
2020-02-19		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-18 -
2021-03-17		 2 years crt.sh
*.smartadserver.com
Thawte RSA CA 2018		 2018-09-07 -
2020-02-17		 a year crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2018-12-13 -
2020-03-13		 a year crt.sh
*.richaudience.com
RapidSSL RSA CA 2018		 2019-03-07 -
2021-04-05		 2 years crt.sh
*.adentifi.com
Go Daddy Secure Certificate Authority - G2		 2016-10-31 -
2019-10-31		 3 years crt.sh
bko.dynadmic.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-06-01 -
2019-08-23		 a year crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA		 2018-12-10 -
2020-03-10		 a year crt.sh
*.krxd.net
Go Daddy Secure Certificate Authority - G2		 2017-06-12 -
2019-07-11		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.rlcdn.com
Go Daddy Secure Certificate Authority - G2		 2017-05-08 -
2019-06-21		 2 years crt.sh
*.springserve.net
COMODO RSA Domain Validation Secure Server CA		 2018-04-30 -
2020-04-29		 2 years crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2019-02-19 -
2019-08-21		 6 months crt.sh

This page contains 28 frames:

Primary Page: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Frame ID: 23CDE3A18B925B0BDC3BDB913DD626B1
Requests: 66 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Frame ID: 2C7D3A8C1257C4BC8CCABFCAEEAAC398
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190327/r20190131/zrt_lookup.html
Frame ID: F1ABC507E0F512A215CAA7EBF97F0691
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1553948342&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1553948342127&bpp=28&bdt=197&fdt=80&idt=75&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5065620390416&frm=20&pv=2&ga_vid=600640566.1553948342&ga_sid=1553948342&ga_hid=1436348820&ga_fc=0&iag=0&icsg=8360&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=1040&bc=15&osw_key=1224368391&ifi=0&uci=0.yw59qktzfz0i&fsb=1&dtd=109
Frame ID: B1E842A0F2AA811DE9B8829F95432044
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js?pid=430&sid=642145
Frame ID: 7A01BB3BFB5351631F36365A905E6E22
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: DF7E3C58341C7F7505D40A7F6BEC77A9
Requests: 3 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6FC2E760032198207F81EFA6C401A210
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 9A0AC24AE0ED7176D3E7ACEBD8C4E8DD
Requests: 4 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 387C887056702645C48EF18BDEA53ACA
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 60FEDA5B791D71B30A874FAB724B4178
Requests: 8 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=553146127&gdpr=&gdpr_consent=&url=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 52DA85FE402A530D083D73FFDBB2FB94
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll
Frame ID: A94B5CDC22E4D275EF6EB7664C4CA207
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Frame ID: AED3627ED25FA84676BDA02D455CC6A9
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Frame ID: 2457599C5CD07C381D3321F9FDF35C22
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=893122562
Frame ID: B5B91DDC90837613251A714BD19403FE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8366633D403779AB208214E9A663FA7E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Frame ID: EBACAC88DB943B52CA423B6189A24B60
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: C54A25DCC71A54A22B5DBD5AD14AE9B5
Requests: 29 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 13B55F1888817D45EC0F70F2E9E490CA
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.net/production/vpaid_627b678b.js
Frame ID: 95E9D7B7D59409C06527449C8B206465
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=314073442
Frame ID: DCAFF195426BB172DE5DA8BA43E1B895
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Frame ID: 291AA4D502AFB6A5FBD91A5991D92EA3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll
Frame ID: C3984CC28177CCEC7199C64C9E1C0D63
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Frame ID: FE0B8D3FEDA3D7C072194139513575DF
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Frame ID: D9CB86F1F8C6972F935FDE834ADFD822
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3AB66C4BF1C44C9B227283C02CF9D401
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=481050466
Frame ID: 36DE1D165C76846AD4A6DB7A1EBD4100
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Frame ID: DE732754CCC66180C05B67AAE7B1683D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • env /^_?COMSCORE$/i

Page Statistics

161
Requests

96 %
HTTPS

28 %
IPv6

46
Domains

66
Subdomains

40
IPs

8
Countries

1659 kB
Transfer

4491 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1436348820&t=pageview&_s=1&dl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&ul=en-us&de=UTF-8&dt=%CE%92%D0%B0nk%20%D0%BEf%20%CE%91m%D0%B5r%D1%96%D1%81%D0%B0%20%7C%20%CE%9Fnl%D1%96n%D0%B5%20%CE%92%D0%B0nk%D1%96ng%20%7C%20%D0%85%D1%96gn%20%CE%99n%20%7C%20Sitekey&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=YEBAAAABC~&jid=317180650&gjid=1331131920&cid=600640566.1553948342&tid=UA-597118-7&_gid=1007261578.1553948342&_r=1&gtm=2wg3i1T2VG59&z=830528285 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=600640566.1553948342&jid=317180650&_gid=1007261578.1553948342&gjid=1331131920&_v=j73&z=830528285 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=600640566.1553948342&jid=317180650&_v=j73&z=830528285 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=600640566.1553948342&jid=317180650&_v=j73&z=830528285&slf_rd=1&random=3965952012
Request Chain 42
  • https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09 HTTP 302
  • https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Request Chain 43
  • https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=318253339&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=4947143 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=318253339&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=4947143
Request Chain 54
  • https://sb.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1553948344901&ns_c=UTF-8&cv=3.1e&c8=%CE%92%D0%B0nk%20%D0%BEf%20%CE%91m%D0%B5r%D1%96%D1%81%D0%B0%20%7C%20%CE%9Fnl%D1%96n%D0%B5%20%CE%92%D0%B0nk%D1%96ng%20%7C%20%D0%85%D1%96gn%20%CE%99n%20%7C%20Sitekey&c7=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1553948344901&ns_c=UTF-8&cv=3.1e&c8=%CE%92%D0%B0nk%20%D0%BEf%20%CE%91m%D0%B5r%D1%96%D1%81%D0%B0%20%7C%20%CE%9Fnl%D1%96n%D0%B5%20%CE%92%D0%B0nk%D1%96ng%20%7C%20%D0%85%D1%96gn%20%CE%99n%20%7C%20Sitekey&c7=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&c9=
Request Chain 56
  • https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1623435578&gdpr=1&gdpr_consent=1 HTTP 302
  • https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1623435578&gdpr=1&gdpr_consent=1&cklb=1
Request Chain 97
  • https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=lkqd HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=lkqd HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=lkqd&gdpr=1&gdpr_consent=&user_id=JAFKUCQHEAQ8VkFSJAdeB3AHElA8UBEAIVKVIxiP HTTP 302
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=d4ab9f5b-8b2a-498a-aaa6-b6c55933f065&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dd4ab9f5b-8b2a-498a-aaa6-b6c55933f065%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253Dd4ab9f5b-8b2a-498a-aaa6-b6c55933f065 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=d4ab9f5b-8b2a-498a-aaa6-b6c55933f065&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dd4ab9f5b-8b2a-498a-aaa6-b6c55933f065 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=d4ab9f5b-8b2a-498a-aaa6-b6c55933f065
Request Chain 98
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=0694ea20-b7f4-4367-83ca-8a842d362cd3
Request Chain 99
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=2590fba9-3db1-4d4c-810c-7431c2f00400&gdpr=1&gdpr_consent=
Request Chain 104
  • https://track.eyeviewads.com/sync/lkqd HTTP 302
  • https://pixeltrack.eyeviewads.com/check?r=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D42%26partnerUserId%3Dfc6b65cdecd20e40f1c99af0098e02bb&vndr=lkqd HTTP 302
  • https://cs.lkqd.net/cs?partnerId=42&partnerUserId=fc6b65cdecd20e40f1c99af0098e02bb&sticky=true
Request Chain 105
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=a9c3ba02-eb68-4104-a1bf-eb5f15432022&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/a9c3ba02-eb68-4104-a1bf-eb5f15432022/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=a9c3ba02-eb68-4104-a1bf-eb5f15432022?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=445&dpuuid=a9c3ba02-eb68-4104-a1bf-eb5f15432022
Request Chain 106
  • https://us-u.openx.net/w/1.0/cm?id=c09b4c7a-cf51-4f9d-988d-8b1b5956bd03&r=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D51%26partnerUserId%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=c09b4c7a-cf51-4f9d-988d-8b1b5956bd03&r=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D51%26partnerUserId%3D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=51&partnerUserId=42eb661e-dd3b-40ec-b363-e6c93b25c731
Request Chain 107
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=XJ9ewAAAAKw0BF39 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=XJ9ewAAAAKw0BF39&_test=XJ9ewAAAAKw0BF39
Request Chain 108
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=gc5zdOu0sTgm&ev=1&pid=561322
Request Chain 111
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D57%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=57&partnerUserId=H15e57kFmSTK&ev=1&pid=561322
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_sc HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAQVc5pplZ1SOSP67oLasuo&google_cver=1
Request Chain 113
  • https://cookie.brealtime.com/getuid?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D60%26partnerUserId%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D60%26partnerUserId%3D%24UID HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D60%2526partnerUserId%253D%2524UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=60&partnerUserId=5721989379813416978
Request Chain 114
  • https://dt-secure.videohub.tv/v1/tpsync/lkqd_direct HTTP 303
  • https://cs.lkqd.net/cs?partnerId=61&partnerUserId=f0a6ab21c933460dde6038184b46d3ff
Request Chain 115
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156759&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156759%26pr%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D63%2526partnerUserId%253D%2523PMUID HTTP 302
  • http://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=http%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • http://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=http%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=XJ9ewAAAAHRw6wFr HTTP 302
  • http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=XJ9ewAAAAHRw6wFr&gdpr=0&gdpr_consent=&_test=XJ9ewAAAAHRw6wFr HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 116
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156759&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156759%26pr%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D69%2526partnerUserId%253D%2523PMUID HTTP 302
  • http://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=http%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • http://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=http%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=XJ9ewAAAALZwoTCs HTTP 302
  • http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=XJ9ewAAAALZwoTCs&gdpr=0&gdpr_consent=&_test=XJ9ewAAAALZwoTCs HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 117
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156759&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156759%26pr%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D70%2526partnerUserId%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156759&pr=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D69%26partnerUserId%3D29D0C551-F37D-471B-8024-988D0B2EE08E HTTP 302
  • https://cs.lkqd.net/cs?partnerId=69&partnerUserId=29D0C551-F37D-471B-8024-988D0B2EE08E
Request Chain 118
  • https://x.mdhv.io/lq?IZRlNAIPIX0 HTTP 307
  • https://cs.lkqd.net/cs?partnerId=74&partnerUserId=aznEgFEHRmSQBg1Jdb1WYQ
Request Chain 119
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=1&gdpr_consent=&partnerUserId=s-Z5_rPgI6mrsyT64r1t-rLndayrtCWutbVw1baP
Request Chain 120
  • https://sync.mathtag.com/sync/img?mt_exid=88&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D77%26partnerUserId%3D%5BMM_UUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=77&partnerUserId=67b85c9f-5c65-4800-9ab4-9879323ab794

161 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request challengevdl.php
signonvscreen-go.webcindario.com/bankofamerica/edf24f85/ 		15 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
edf4a266c4821ae290a774915059a28ec8f0ccfe2a3ec910a4c89f94d42e24cf

Request headers

:method
GET
:authority
signonvscreen-go.webcindario.com
:scheme
https
:path
/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Sat, 30 Mar 2019 12:19:01 GMT
content-type
text/html; charset=iso-8859-1
vary
Accept-Encoding
set-cookie
__muid=bab8477f86b052777b7495827977ccc7670ae7a6; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly PHPSESSID=fa3b3ef722e6b9ba0c418b1d0b72a1ed; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
x-powered-by
Webcindario Hosting Service
content-encoding
gzip
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		83 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7d858bbadc7cce39e10f8f57fea3e64377c57581b9ac7b3384dca9a1c70de895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
31900
x-xss-protection
0
server
cafe
etag
5123447003870312250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 30 Mar 2019 12:19:02 GMT
style1.css
signonvscreen-go.webcindario.com/bankofamerica/edf24f85/images/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/images/style1.css
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
94f243198ac37ef309f89bf03a8faf0c93c1c5a45a39f46c1ca7491306b0ac68

Request headers

:path
/bankofamerica/edf24f85/images/style1.css
pragma
no-cache
cookie
__muid=bab8477f86b052777b7495827977ccc7670ae7a6; PHPSESSID=fa3b3ef722e6b9ba0c418b1d0b72a1ed
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
signonvscreen-go.webcindario.com
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
:scheme
https
:method
GET
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:01 GMT
content-encoding
gzip
last-modified
Sat, 30 Mar 2019 09:18:29 GMT
server
nginx
x-powered-by
Webcindario Hosting Service
etag
W/"5c9f3465-d57"
vary
Accept-Encoding
content-type
text/css
status
200
new%20header.png
signonvscreen-go.webcindario.com/bankofamerica/edf24f85/images/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/images/new%20header.png
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
1dbaa336651d898b99626cd80ec5f2ca9b0971429d6e0d9c20bead1322c362c7

Request headers

:path
/bankofamerica/edf24f85/images/new%20header.png
pragma
no-cache
cookie
__muid=bab8477f86b052777b7495827977ccc7670ae7a6; PHPSESSID=fa3b3ef722e6b9ba0c418b1d0b72a1ed
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
signonvscreen-go.webcindario.com
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
:scheme
https
:method
GET
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:01 GMT
last-modified
Sat, 30 Mar 2019 09:18:29 GMT
server
nginx
x-powered-by
Webcindario Hosting Service
etag
"5c9f3465-1a18f"
content-type
image/png
status
200
accept-ranges
bytes
content-length
106895
confirm.png
signonvscreen-go.webcindario.com/bankofamerica/edf24f85/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/images/confirm.png
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
3bd5ac9684632300424ca98cbe5c5ee9af57d20ba97ced23899daf5ea9bd6685

Request headers

:path
/bankofamerica/edf24f85/images/confirm.png
pragma
no-cache
cookie
__muid=bab8477f86b052777b7495827977ccc7670ae7a6; PHPSESSID=fa3b3ef722e6b9ba0c418b1d0b72a1ed
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
signonvscreen-go.webcindario.com
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
:scheme
https
:method
GET
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
last-modified
Sat, 30 Mar 2019 09:18:29 GMT
server
nginx
x-powered-by
Webcindario Hosting Service
etag
"5c9f3465-86a"
content-type
image/png
status
200
accept-ranges
bytes
content-length
2154
footer.png
signonvscreen-go.webcindario.com/bankofamerica/edf24f85/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/images/footer.png
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
b0f184fbe0d818a5c23b5540423a251bef3290d1968df6c9c456f1887d391ec0

Request headers

:path
/bankofamerica/edf24f85/images/footer.png
pragma
no-cache
cookie
__muid=bab8477f86b052777b7495827977ccc7670ae7a6; PHPSESSID=fa3b3ef722e6b9ba0c418b1d0b72a1ed
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
signonvscreen-go.webcindario.com
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
:scheme
https
:method
GET
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
last-modified
Sat, 30 Mar 2019 09:18:29 GMT
server
nginx
x-powered-by
Webcindario Hosting Service
etag
"5c9f3465-2cb1"
content-type
image/png
status
200
accept-ranges
bytes
content-length
11441
miarrobamobile.js
ads.vidoomy.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/miarrobamobile.js
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.17.116.255 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-17-116-255.us-east-2.compute.amazonaws.com
Software
Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
8723cae31a124bb3aba17b012e29bfc6360ecba1b40661077000e8a97afa0e55

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:02 GMT
Server
Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Keep-Alive
timeout=2, max=500
Content-Length
2006
miarrodesktop.js
ads.vidoomy.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/miarrodesktop.js
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.17.116.255 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-17-116-255.us-east-2.compute.amazonaws.com
Software
Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
021ece809cc629f17524c1e4de64b3a3d88960389d5b4dc052d3e82e70ff93ba

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:02 GMT
Server
Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Keep-Alive
timeout=2, max=499
Content-Length
1874
fd629041-9e6f-47d6-8dfb-cf82237caa89.js
static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/ 		145 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.103.39.29 , Netherlands, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software
nginx /
Resource Hash
a841b2c897a2907ff40cca3d1f9f2a912f98a260a9b9b59fdb418148d122bda8

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:03 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Thu, 28 Mar 2019 12:01:09 GMT
server
nginx
age
173847
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
status
200
cache-control
max-age=0, s-maxage=2592001
access-control-allow-credentials
true
x-device
desktop
accept-ranges
bytes
content-length
39172
/
hosting.miarroba.info/ 		0
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hosting.miarroba.info/?__muid=bab8477f86b052777b7495827977ccc7670ae7a6&h=1854646&t=1553948341&k=f25e8f62c2feee6cfe840c5ec252db9d
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:ce08 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Mar 2019 12:19:02 GMT
content-encoding
br
content-type
application/javascript; charset=iso-8859-1
last-modified
Sat, 30 Mar 2019 12:19:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
cache-control
no-cache
cf-ray
4bfa0791ce6197bc-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
a32e6bf7721ac406684c7d5205314007a46eb6fefed76390ce5063c52e54ba6c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2019 21:08:48 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
18150
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:02 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
2795
date
Sat, 30 Mar 2019 11:32:27 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Sat, 30 Mar 2019 13:32:27 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=signonvscreen-go.webcindario.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=signonvscreen-go.webcindario.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/ 		203 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3647cb4d72a5035b8d5580e571f570eb91c5e808b39493ca98139206db4ca28c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
77289
x-xss-protection
0
server
cafe
etag
14579856234811158707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2019 12:19:02 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/ Frame 2C7D 		203 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3647cb4d72a5035b8d5580e571f570eb91c5e808b39493ca98139206db4ca28c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
77289
x-xss-protection
0
server
cafe
etag
14579856234811158707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2019 12:19:02 GMT
ca-pub-7294310421616689.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7294310421616689.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 11:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Mar 2019 21:51:44 GMT
server
sffe
age
1322
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
125
x-xss-protection
0
expires
Sat, 30 Mar 2019 23:57:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190327/r20190131/ Frame F1AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190327/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190327/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 27 Mar 2019 22:10:13 GMT
expires
Wed, 10 Apr 2019 22:10:13 GMT
content-type
text/html; charset=UTF-8
etag
4425972840952340538
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6619
x-xss-protection
0
cache-control
public, max-age=1209600
age
223729
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1436348820&t=pageview&_s=1&dl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-d...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=600640566.1553948342&jid=317180650&_gid=1007261578.1553948342&gjid=1331131920&_v=j73&z=830528285
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=600640566.1553948342&jid=317180650&_v=j73&z=830528285
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=600640566.1553948342&jid=317180650&_v=j73&z=830528285&slf_rd=1&random=3965952012
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=600640566.1553948342&jid=317180650&_v=j73&z=830528285&slf_rd=1&random=3965952012
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Mar 2019 12:19:02 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Mar 2019 12:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=600640566.1553948342&jid=317180650&_v=j73&z=830528285&slf_rd=1&random=3965952012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B1E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1553948342&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1553948342127&bpp=28&bdt=197&fdt=80&idt=75&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5065620390416&frm=20&pv=2&ga_vid=600640566.1553948342&ga_sid=1553948342&ga_hid=1436348820&ga_fc=0&iag=0&icsg=8360&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=1040&bc=15&osw_key=1224368391&ifi=0&uci=0.yw59qktzfz0i&fsb=1&dtd=109
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1553948342&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1553948342127&bpp=28&bdt=197&fdt=80&idt=75&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5065620390416&frm=20&pv=2&ga_vid=600640566.1553948342&ga_sid=1553948342&ga_hid=1436348820&ga_fc=0&iag=0&icsg=8360&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=1040&bc=15&osw_key=1224368391&ifi=0&uci=0.yw59qktzfz0i&fsb=1&dtd=109
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 30 Mar 2019 12:19:02 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 30-Mar-2019 12:34:02 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
osd.js
www.googletagservices.com/activeview/js/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9ed6308b644f91c953d318635ae4c5ea03977a40badb5c0ea94e963dd343a8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1553685379633397"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29012
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:02 GMT
formats.js
ad.lkqd.net/vpaid/ Frame 7A01 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js?pid=430&sid=642145
Requested by
Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/miarrobamobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7ed393c0873191e300cd7674d7c5d52ba57ac69092c8d101abe7849967bc3811

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Feb 2019 18:04:54 GMT
X-HW
1553948342.dop008.pa1.shc,1553948342.dop008.pa1.t,1553948342.cds029.pa1.c
Content-Type
application/javascript
Cache-Control
max-age=300
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
48632
ad
v.lkqd.net/ Frame 7A01 		180 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=642594&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&dnt=0&c1=&c2=&c3=&rnd=46305632&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js?pid=430&sid=642145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.133.47 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com

Response headers

date
Sat, 30 Mar 2019 12:19:03 GMT
content-encoding
gzip
server
nginx
status
200
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
formats.js
ad.lkqd.net/vpaid/ Frame DF7E 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/miarrodesktop.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7ed393c0873191e300cd7674d7c5d52ba57ac69092c8d101abe7849967bc3811

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Feb 2019 18:04:54 GMT
X-HW
1553948342.dop008.pa1.shc,1553948342.dop008.pa1.t,1553948342.cds029.pa1.c
Content-Type
application/javascript
Cache-Control
max-age=300
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
48632
ad
v.lkqd.net/ Frame DF7E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=642602&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&dnt=0&c1=&c2=&c3=&rnd=56534415&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.133.47 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
971008b72af43541badbada12dbdccb084a1a5df78928f28fc7ad2694a01c21b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com

Response headers

date
Sat, 30 Mar 2019 12:19:03 GMT
content-encoding
gzip
server
nginx
status
200
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1447
t
t.lkqd.net/ Frame 6FC2 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.103 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
vpaid.js
ad.lkqd.net/vpaid/ Frame 9A0A 		310 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
36870b7962d775ac7400b1931ae54b1e978d3495323882bb351b7b7afae46114

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Mar 2019 19:34:43 GMT
X-HW
1553948342.dop008.pa1.shc,1553948342.dop008.pa1.t,1553948343.cds029.pa1.c
Content-Type
application/javascript
Cache-Control
max-age=120
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
92894
t
t.lkqd.net/ Frame 387C 		0
0
blocking_regex
ad.lkqd.net/mediafile/ Frame 9A0A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/mediafile/blocking_regex
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72042d3923be4aed26983c927543df8fde3fe290257e4afc1215d3e6d9e8d6c2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com

Response headers

Date
Sat, 30 Mar 2019 12:19:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Mar 2019 12:13:11 GMT
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
0
Cache-Control
max-age=300
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1096
X-HW
1553948343.dop008.pa1.shc,1553948343.dop008.pa1.t,1553948343.cds036.pa1.c
ad
v.lkqd.net/ Frame 9A0A 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=642602&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&dnt=0&c1=&c2=&c3=&rnd=56534415&m=&rtv=1&thost=signonvscreen-go.webcindario.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.133.41 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:06 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, POST, OPTIONS
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
eu_country.php
static.sunmedia.tv/SMVpaidCreatives/geotarget/ 		19 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/SMVpaidCreatives/geotarget/eu_country.php
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
content-encoding
gzip
tp-cache
HIT
age
1048885
status
200
x-device
desktop
content-length
39
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, s-maxage=2592000
access-control-allow-credentials
true
tp-l2-cache
MISS
accept-ranges
bytes
outstream.json
static.sunmedia.tv/SMSdk/tracker/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/SMSdk/tracker/outstream.json
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
5f8b7b252822d5661b6e0d3a9bc341e682358dadc6b43e02d43a7c95596b250b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
content-encoding
gzip
tp-cache
HIT
age
1041567
status
200
x-device
desktop
content-length
1023
last-modified
Mon, 11 Mar 2019 17:39:57 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=2592000
tp-l2-cache
MISS
accept-ranges
bytes
adblockDetector.js
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Mon, 18 Mar 2019 10:46:02 GMT
server
nginx
age
1041567
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
tp-l2-cache
HIT
accept-ranges
bytes
content-length
4831
t
t.lkqd.net/ Frame 60FE 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.103 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
t
t.lkqd.net/ Frame 60FE 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.113 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
server
nginx
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
t
t.lkqd.net/ Frame 6FC2 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.113 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
server
nginx
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
tag.js
js.agkn.com/prod/v0/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.agkn.com/prod/v0/tag.js
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:e600:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 15 Jan 2019 22:36:07 GMT
via
1.1 d89eaba973a5c1614ea9f0994f5e8a12.cloudfront.net (CloudFront)
last-modified
Tue, 04 Dec 2018 22:35:38 GMT
server
AmazonS3
age
49272
etag
"a5442c681a576408c25edbf365995343"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3167
x-amz-cf-id
zOPlijEghtVArydJkAaU6p7dYn6dQBoHWs7lSzWRIbX6k2eWzc4NSA==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: signonvscreen-go.webcindario.com
URL: https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Sun, 31 Mar 2019 12:19:04 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
SMPlayer_d.css
static.sunmedia.tv/SMSdk/css/SMVast/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
f1a23903096874ca71eb7363dd68fa44696d8d013f87f11d2c3aa868fc8df989

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
content-encoding
gzip
tp-cache
HIT
age
1041568
status
200
x-device
desktop
accept-ranges
bytes
last-modified
Mon, 18 Mar 2019 10:46:01 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=2592000
tp-l2-cache
HIT
content-length
956
v2
es-sunicontent.videoplaza.tv/proxy/distributor/ 		49 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/MiArrobaDesktop&tt=p&rt=vast_2.0&rn=980498636&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&vht=225&vwt=400
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.138.14 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-138.videoplaza.net
Software
/
Resource Hash
003d8bc4b3f51753c68f64ce4feb02ddfb9d0c6c94702c113ece56fab6ec0fd5

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:05 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09
  • https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=318253339&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=318253339&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_c...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=318253339&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=4947143
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=318253339&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=4947143
Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
/
track.sunmedia.tv/ 		42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.sunmedia.tv/?ap=smptf&it=fd629041-9e6f-47d6-8dfb-cf82237caa89&tp=op&pb=1&pos=no-pos&loop=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
tp-cache
HIT
last-modified
Thu, 15 Nov 2018 09:59:07 GMT
server
nginx
age
1048885
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, s-maxage=31536000
access-control-allow-credentials
true
content-length
42
accept-ranges
bytes
x-device
desktop
/
track.sunmedia.tv/ 		42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.sunmedia.tv/?ap=smptf&it=fd629041-9e6f-47d6-8dfb-cf82237caa89&tp=req&pb=1&pos=no-pos&loop=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
tp-cache
HIT
last-modified
Thu, 15 Nov 2018 09:59:07 GMT
server
nginx
age
1048885
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, s-maxage=31536000
access-control-allow-credentials
true
content-length
42
accept-ranges
bytes
x-device
desktop
/
track.sunmedia.tv/ 		42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.sunmedia.tv/?ap=smptf&it=fd629041-9e6f-47d6-8dfb-cf82237caa89&tp=ef&pb=1&pos=no-pos&loop=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
tp-cache
HIT
last-modified
Thu, 15 Nov 2018 09:59:07 GMT
server
nginx
age
1048885
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, s-maxage=31536000
access-control-allow-credentials
true
content-length
42
accept-ranges
bytes
x-device
desktop
css
fonts.googleapis.com/ 		767 B
435 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2939d607a8ad67edbc7ade28075844c18c904d4b2b87145db848382a50af0214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 30 Mar 2019 12:19:04 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 30 Mar 2019 12:19:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sat, 30 Mar 2019 12:19:04 GMT
Cookie set /
d.agkn.com/iframe/8613/ Frame 52DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d.agkn.com/iframe/8613/?che=553146127&gdpr=&gdpr_consent=&url=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.95.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-95-206.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d

Response headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Sat, 30 Mar 2019 12:19:05 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3A%2BWVdITf5f00wjL%2FhqtEL7x5%2Fbn16O4rP;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAkMhs6JDIbOgAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length
481
Connection
keep-alive
sound-on.png
static.sunmedia.tv/SMSdk/ico/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer
https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
tp-cache
HIT
last-modified
Mon, 18 Mar 2019 10:46:02 GMT
server
nginx
age
1041568
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
tp-l2-cache
MISS
accept-ranges
bytes
content-length
2894
fullscreen-on.png
static.sunmedia.tv/SMSdk/ico/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.sunmedia.tv/SMSdk/ico/fullscreen-on.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb

Request headers

Referer
https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
tp-cache
HIT
last-modified
Mon, 18 Mar 2019 10:46:02 GMT
server
nginx
age
1041568
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
tp-l2-cache
MISS
accept-ranges
bytes
content-length
1351
skip.png
static.sunmedia.tv/SMSdk/ico/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.sunmedia.tv/SMSdk/ico/skip.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb

Request headers

Referer
https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
tp-cache
HIT
last-modified
Mon, 18 Mar 2019 10:46:02 GMT
server
nginx
age
1041568
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
tp-l2-cache
HIT
accept-ranges
bytes
content-length
2761
adlabel.png
static.sunmedia.tv/SMSdk/ico/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.sunmedia.tv/SMSdk/ico/adlabel.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877

Request headers

Referer
https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
tp-cache
HIT
last-modified
Mon, 18 Mar 2019 10:46:02 GMT
server
nginx
age
1041568
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
tp-l2-cache
HIT
accept-ranges
bytes
content-length
1359
play.png
static.sunmedia.tv/SMSdk/ico/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.sunmedia.tv/SMSdk/ico/play.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.180.203 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3125521.ip-51-68-180.eu
Software
nginx /
Resource Hash
dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151

Request headers

Referer
https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:04 GMT
tp-cache
HIT
last-modified
Mon, 18 Mar 2019 10:46:02 GMT
server
nginx
age
1041568
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
tp-l2-cache
HIT
accept-ranges
bytes
content-length
1525
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1553948344901&ns_c=UTF-8&cv=3.1e&c8=%CE%92%D0%B0nk%20%D0%BEf%20%CE%91m%D0%B5r%D1%96%D1%81%D0%B0%20%7C%20%CE%9Fnl%D1%96n%D0%B5...
  • https://sb.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1553948344901&ns_c=UTF-8&cv=3.1e&c8=%CE%92%D0%B0nk%20%D0%BEf%20%CE%91m%D0%B5r%D1%96%D1%81%D0%B0%20%7C%20%CE%9Fnl%D1%96n%D0%B...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1553948344901&ns_c=UTF-8&cv=3.1e&c8=%CE%92%D0%B0nk%20%D0%BEf%20%CE%91m%D0%B5r%D1%96%D1%81%D0%B0%20%7C%20%CE%9Fnl%D1%96n%D0%B5%20%CE%92%D0%B0nk%D1%96ng%20%7C%20%D0%85%D1%96gn%20%CE%99n%20%7C%20Sitekey&c7=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&c9=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:05 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1553948344901&ns_c=UTF-8&cv=3.1e&c8=%CE%92%D0%B0nk%20%D0%BEf%20%CE%91m%D0%B5r%D1%96%D1%81%D0%B0%20%7C%20%CE%9Fnl%D1%96n%D0%B5%20%CE%92%D0%B0nk%D1%96ng%20%7C%20%D0%85%D1%96gn%20%CE%99n%20%7C%20Sitekey&c7=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&c9=
Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
207956
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&cb=884529612&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:05 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000325
X-SpotX-Timing-SpotMarket
0.253553
X-SpotX-Timing-Page-Mux
0.000163
X-SpotX-Timing-Page-Require
0.000270
X-fe
122
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.003724
Content-Length
77
X-SpotX-Timing-Page
0.260338
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000255
Last-Modified
Sat, 30 Mar 2019 12:19:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.077611
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
X-SpotX-Timing-Page-Misc
0.002039
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.175942
X-SpotX-Timing-Page-URI
0.000008
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ac
www8.smartadserver.com/
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1623435578&gdpr=1&gdpr_consent=1
  • https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1623435578&gdpr=1&gdpr_consent=1&cklb=1
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1623435578&gdpr=1&gdpr_consent=1&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Location
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1623435578&gdpr=1&gdpr_consent=1&cklb=1
Date
Sat, 30 Mar 2019 12:19:05 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Content-Length
339
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1623435578&gdpr=1&gdpr_consent=1&cklb=1
Date
Sat, 30 Mar 2019 12:19:05 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Content-Length
339
Content-Type
text/html; charset=utf-8
ac
www8.smartadserver.com/ 		129 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1623435578&gdpr=1&gdpr_consent=1&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
228
Expires
-1
ac
www8.smartadserver.com/ 		129 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=24966948&vph=385&vpw=640&pgDomain=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&vpaidt=js&vpaidv=1,2gdpr=1&gdpr_consent=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
228
Expires
-1
ima3vpaid
tpc.googlesyndication.com/ 		941 B
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-1974742334&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3459096636%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e0a182c2bdf5f43ea94112774f76f3e6c15d75f27278bd943e0da1a96724c33e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Mar 2019 12:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
private
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
610
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame A94B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8b84efacd6eec05af6399e7ff4d020c44209ee76e0494e29cc2ff3013b0aceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Mar 2019 17:11:07 GMT
server
sffe
age
421
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
15408
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:27:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A94B 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b2bbbf299b9ef55b814e7837cce59810e13f4d07dd4c9b035435ee106183499b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
85023
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:05 GMT
ad
v.lkqd.net/ Frame 9A0A 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=642602&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&dnt=0&c1=&c2=&c3=&rnd=56534415&m=&rtv=1&thost=signonvscreen-go.webcindario.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.133.47 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
0857735bef9a9a42050687fd58a3d5e2c0fc22cc9fe9ce0293c8f78edce7b366

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:06 GMT
content-encoding
gzip
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2900
bridge3.289.0_en.html
imasdk.googleapis.com/js/core/ Frame AED3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.289.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
183600
date
Tue, 26 Mar 2019 18:07:04 GMT
expires
Wed, 25 Mar 2020 18:07:04 GMT
last-modified
Tue, 26 Mar 2019 17:41:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
324722
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
client.js
s0.2mdn.net/instream/video/ Frame A94B 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10523
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:06 GMT
integrator.js
adservice.google.com/adsid/ Frame A94B 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=signonvscreen-go.webcindario.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
vadtag.html
vpaid.pubmatic.com/ads/video/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5fd8adf973b00b328041f9a86c8f304d4edec897854dfc24830ea557030b819b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:07 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-2da6-583e0acf068a5"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
715
Expires
Sat, 30 Mar 2019 12:19:07 GMT
t
t.lkqd.net/ Frame 60FE 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.103 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:07 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 2457 		146 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f4a145203541b8f36d96cf41a3245654a25e621c52e8e050c947674936bbe48

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:07 GMT
Last-Modified
Tue, 26 Mar 2019 11:59:08 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"140829f-24795-584fe0c7299e4"
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
149397
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/gif
t
t.lkqd.net/ Frame 60FE 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.103 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:07 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
ima3vpaid
tpc.googlesyndication.com/ 		962 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=893122562&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bc4dce29948a68257d214f6c1e87337294023b885d59b0866a39ec462387598c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Mar 2019 12:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
private
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
624
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame B5B9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=893122562
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8b84efacd6eec05af6399e7ff4d020c44209ee76e0494e29cc2ff3013b0aceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Mar 2019 17:11:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
15408
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:34:07 GMT
t
t.lkqd.net/ Frame 60FE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.113 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:07 GMT
server
nginx
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 8366 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Last-Modified
Thu, 15 Nov 2018 04:53:43 GMT
ETag
"13006b6-9ed1-57aacd5c8da70"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
15271
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131533
Expires
Mon, 01 Apr 2019 00:51:20 GMT
Date
Sat, 30 Mar 2019 12:19:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2457 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
44a3b4335a2838d5f1e3da151d72565c434518a9eddcc796ca8d081d328384a9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Nov 2018 04:53:43 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-9ed1-57aacd5c8da70"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=131533
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
15271
Expires
Mon, 01 Apr 2019 00:51:20 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B5B9 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=893122562
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b2bbbf299b9ef55b814e7837cce59810e13f4d07dd4c9b035435ee106183499b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
85023
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:07 GMT
t
t.lkqd.net/ Frame 60FE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.113 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:07 GMT
server
nginx
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 2457 		27 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fsignonvscreen-go.webcindario.com%252Fbankofamerica%252Fedf24f85%252Fchallengevdl.php%253Fcmd%253D_account-details%2526session%253D513d30dbe99de35d0f6f419fbeefd410%2526dispatch%253D34b56c80c08f23092112c77e0ec02e15e60afd4d&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fsignonvscreen-go.webcindario.com%252Fbankofamerica%252Fedf24f85%252Fchallengevdl.php%253Fcmd%253D_account-details%2526session%253D513d30dbe99de35d0f6f419fbeefd410%2526dispatch%253D34b56c80c08f23092112c77e0ec02e15e60afd4d&vwndref=&vc=2&js=1&sec=1&kltstamp=2019-3-30%2012:19:7&ranreq=0.4491661361388237&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com

Response headers

Date
Sat, 30 Mar 2019 12:19:08 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 2457 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1553948348&wa=0&e=95&vc=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:08 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
t
t.lkqd.net/ Frame 60FE 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.103 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
t
t.lkqd.net/ Frame 60FE 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.113 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
server
nginx
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
bridge3.289.0_en.html
imasdk.googleapis.com/js/core/ Frame EBAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.289.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
183600
date
Tue, 26 Mar 2019 18:07:04 GMT
expires
Wed, 25 Mar 2020 18:07:04 GMT
last-modified
Tue, 26 Mar 2019 17:41:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
324724
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
client.js
s0.2mdn.net/instream/video/ Frame B5B9 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10523
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:08 GMT
integrator.js
adservice.google.com/adsid/ Frame B5B9 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=signonvscreen-go.webcindario.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
223518
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/223518?VPAID=JS&content_page_url=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&cb=-252641177&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:08 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000441
X-SpotX-Timing-SpotMarket
0.030965
X-SpotX-Timing-Page-Mux
0.000167
X-SpotX-Timing-Page-Require
0.000278
X-fe
052
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000613
Content-Length
77
X-SpotX-Timing-Page
0.034285
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000249
Last-Modified
Sat, 30 Mar 2019 12:19:08 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.030965
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
X-SpotX-Timing-Page-Misc
0.001562
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
mx-sunmedia.videoplaza.tv/proxy/distributor/ 		60 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mx-sunmedia.videoplaza.tv/proxy/distributor/v2?s=ESIT/Desktop&tt=p&rt=vast_2.0&rn=302338151&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&vht=225&vwt=400
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.138.14 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-138.videoplaza.net
Software
/
Resource Hash
0a6a28ee80c24971a045e09708a8ee84c21294f0e7f37fe06936414171af3d03

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
es-sunicontent.videoplaza.tv/proxy/tracker/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEI9RGMsNIKbsEC0HH1JCNTJVVUE6BmJlcmxpbkIDIyMj&pf=fl_11&pid=02a34179-52e6-11e9-a673-0a58ac163806&s=MobusiIH/MiArrobaDesktop&tid=02a34178-52e6-11e9-a673-0a58ac163806&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.138.14 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-138.videoplaza.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 30 Mar 2019 12:19:08 GMT
content-length
0
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
s.richaudience.com/vid/0Z9XdnskIz/281610433/ 		160 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/0Z9XdnskIz/281610433/?hasConsent=1&consentString=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.59.34.134 , France, ASN16276 (OVH, FR),
Reverse DNS
eu.srv001.richaudience.com
Software
nginx/1.10.3 /
Resource Hash
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
content-encoding
gzip
server
nginx/1.10.3
status
200
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
86400
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame DF7E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=642602&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&dnt=0&c1=&c2=&c3=&rnd=16467041&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.133.47 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
535a78c686e15e06175d5b99a166b27fe915a8a5f526df00b355f9ca0032e122

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
content-encoding
gzip
server
nginx
status
200
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1450
vpaid.js
ad.lkqd.net/vpaid/ Frame C54A 		310 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
36870b7962d775ac7400b1931ae54b1e978d3495323882bb351b7b7afae46114

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Mar 2019 19:34:43 GMT
X-HW
1553948342.dop008.pa1.shc,1553948342.dop008.pa1.t,1553948348.cds029.pa1.c
Content-Type
application/javascript
Cache-Control
max-age=120
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
92894
ad
v.lkqd.net/ Frame C54A 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=642602&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&dnt=0&c1=&c2=&c3=&rnd=16467041&m=&rtv=1&thost=signonvscreen-go.webcindario.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.133.41 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, POST, OPTIONS
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
v2
es-sunicontent.videoplaza.tv/proxy/distributor/ 		49 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/MiArrobaDesktop&tt=p&rt=vast_2.0&rn=196279789&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&vht=225&vwt=400
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.138.14 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-138.videoplaza.net
Software
/
Resource Hash
b839034f628a96a6dda89a49b8bce1f25a8028c328a8c4a3a49ffb3c053ad1f8

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
207956
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&cb=2047126347&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:09 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000262
X-SpotX-Timing-SpotMarket
0.261031
X-SpotX-Timing-Page-Mux
0.000175
X-SpotX-Timing-Page-Require
0.000307
X-fe
135
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000017
Content-Length
77
X-SpotX-Timing-Page
0.264344
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000277
Last-Modified
Sat, 30 Mar 2019 12:19:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.079756
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
X-SpotX-Timing-Page-Misc
0.002266
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.181275
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ad
v.lkqd.net/ Frame C54A 		21 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=642602&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&dnt=0&c1=&c2=&c3=&rnd=16467041&m=&rtv=1&thost=signonvscreen-go.webcindario.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.133.47 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
ca15c6cff19e548f8d87231c5b94f459a1631a8157ae81122101e3ed072b60a3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
content-encoding
gzip
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4525
t
t.lkqd.net/ Frame 13B5 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.103 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
CookieSyncLKQD
rtb.adentifi.com/ Frame C54A 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.230.61 Fairfield, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-93-230-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=lkqd
  • https://x.bidswitch.net/ul_cb/sync?ssp=lkqd
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=lkqd
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=lkqd&gdpr=1&gdpr_consent=&user_id=JAFKUCQHEAQ8VkFSJAdeB3AHElA8UBEAIVKVIxiP
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=d4ab9f5b-8b2a-498a-aaa6-b6c55933f065&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dd4ab9f5b-8b2a-498a-aaa6-b6c55933f065%26redi...
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=d4ab9f5b-8b2a-498a-aaa6-b6c55933f065&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dd4ab9f5b-8b2a-498a-aaa6-b6c55933f065
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=d4ab9f5b-8b2a-498a-aaa6-b6c55933f065
0
0
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=0694ea20-b7f4-4367-83ca-8a842d362cd3
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=0694ea20-b7f4-4367-83ca-8a842d362cd3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 30 Mar 2019 12:19:09 GMT
x-aspnet-version
4.0.30319
location
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=0694ea20-b7f4-4367-83ca-8a842d362cd3
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=2590fba9-3db1-4d4c-810c-7431c2f00400&gdpr=1&gdpr_consent=
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=2590fba9-3db1-4d4c-810c-7431c2f00400&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:08 GMT
Server
Apache-Coyote/1.1
Location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=2590fba9-3db1-4d4c-810c-7431c2f00400&gdpr=1&gdpr_consent=
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
0
us.php
gu.dyntrk.com/adx/lkqd/ Frame C54A 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.77.128.18 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
proxy0391.eu3.dynfactory.com
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate, no-transform
X-RC
29
Server
proxy
Content-Length
0
Content-Type
text/plain
37030
stags.bluekai.com/site/ Frame C54A 		62 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37030?id=IZRlNAIPIX0&limit=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-241-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:12 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
a45
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
imp_pixel
media.sabio.us/ Frame C54A 		0
0
usermatch.gif
beacon.krxd.net/ Frame C54A 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lkqd&partner_uid=IZRlNAIPIX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.70.45 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-70-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:10 GMT
Cache-Control
private, no-cache, no-store
X-Request-Time
D=41 t=1553948350
Connection
keep-alive
X-Served-By
beacon-n042-dub.krxd.net
P3P
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://track.eyeviewads.com/sync/lkqd
  • https://pixeltrack.eyeviewads.com/check?r=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D42%26partnerUserId%3Dfc6b65cdecd20e40f1c99af0098e02bb&vndr=lkqd
  • https://cs.lkqd.net/cs?partnerId=42&partnerUserId=fc6b65cdecd20e40f1c99af0098e02bb&sticky=true
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=42&partnerUserId=fc6b65cdecd20e40f1c99af0098e02bb&sticky=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:10 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

status
302
date
Sat, 30 Mar 2019 12:19:09 GMT
p3p
CP='Eyeview does not have a P3P policy.'
content-length
0
location
https://cs.lkqd.net/cs?partnerId=42&partnerUserId=fc6b65cdecd20e40f1c99af0098e02bb&sticky=true
expires
Thu, 01 Jan 1970 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame C54A
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=a9c3ba02-eb68-4104-a1bf-eb5f15432022&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/a9c3ba02-eb68-4104-a1bf-eb5f15432022/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=a9c3ba02-eb68-4104-a1bf-eb5f15432022?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=445&dpuuid=a9c3ba02-eb68-4104-a1bf-eb5f15432022
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=445&dpuuid=a9c3ba02-eb68-4104-a1bf-eb5f15432022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.86.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-86-186.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v025-0fe3afe79.edge-irl1.demdex.com 5.50.0.20190319164038 3ms
Pragma
no-cache
X-TID
UlGctqJCSlY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
X-TID
LGLte+kJTco=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=445&dpuuid=a9c3ba02-eb68-4104-a1bf-eb5f15432022
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=c09b4c7a-cf51-4f9d-988d-8b1b5956bd03&r=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D51%26partnerUserId%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=c09b4c7a-cf51-4f9d-988d-8b1b5956bd03&r=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D51%26partnerUserId%3D
  • https://cs.lkqd.net/cs?partnerId=51&partnerUserId=42eb661e-dd3b-40ec-b363-e6c93b25c731
43 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=51&partnerUserId=42eb661e-dd3b-40ec-b363-e6c93b25c731
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:13 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Sat, 30 Mar 2019 12:19:12 GMT
server
OXGW/16.129.1
location
https://cs.lkqd.net/cs?partnerId=51&partnerUserId=42eb661e-dd3b-40ec-b363-e6c93b25c731
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
content-type
image/gif
content-length
0
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=XJ9ewAAAAKw0BF39
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=XJ9ewAAAAKw0BF39&_test=XJ9ewAAAAKw0BF39
43 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=XJ9ewAAAAKw0BF39&_test=XJ9ewAAAAKw0BF39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:12 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 30 Mar 2019 12:19:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1553948353.879587,VS0,VE0
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=XJ9ewAAAAKw0BF39&_test=XJ9ewAAAAKw0BF39
x-cache
HIT
status
302
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn1529-HHN
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=gc5zdOu0sTgm&ev=1&pid=561322
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=gc5zdOu0sTgm&ev=1&pid=561322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:11 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Date
Sat, 30 Mar 2019 12:19:11 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
0
X-Served-By
cache-hhn1537-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=gc5zdOu0sTgm&ev=1&pid=561322
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
text/plain; charset=utf-8
Cw-Server
bh-deployment-5b88dffbd-b8qs4
X-Cache-Hits
0
/
csync.loopme.me/ Frame C54A 		0
0
464986.gif
idsync.rlcdn.com/ Frame C54A 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=IZRlNAIPIX0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
78.92.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Sat, 30 Mar 2019 12:19:10 GMT
via
1.1 google
alt-svc
clear
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D57%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=57&partnerUserId=H15e57kFmSTK&ev=1&pid=561322
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=57&partnerUserId=H15e57kFmSTK&ev=1&pid=561322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:11 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Date
Sat, 30 Mar 2019 12:19:11 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
0
X-Served-By
cache-hhn1545-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Location
https://cs.lkqd.net/cs?partnerId=57&partnerUserId=H15e57kFmSTK&ev=1&pid=561322
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
text/plain; charset=utf-8
Cw-Server
bh-deployment-5b88dffbd-v4zr8
X-Cache-Hits
0
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_sc
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAQVc5pplZ1SOSP67oLasuo&google_cver=1
43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAQVc5pplZ1SOSP67oLasuo&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 30 Mar 2019 12:19:09 GMT
server
HTTP server (unknown)
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAQVc5pplZ1SOSP67oLasuo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://cookie.brealtime.com/getuid?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D60%26partnerUserId%3D%24UID
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D60%26partnerUserId%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D60%2526partnerUserId%253D%2524UID
  • https://cs.lkqd.net/cs?partnerId=60&partnerUserId=5721989379813416978
43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=60&partnerUserId=5721989379813416978
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:11 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:13 GMT
AN-X-Request-Uuid
72921a7b-4179-4f0d-9c43-7ca5fa882ebf
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://cs.lkqd.net/cs?partnerId=60&partnerUserId=5721989379813416978
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
83.97.23.38; 83.97.23.38; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.40:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://dt-secure.videohub.tv/v1/tpsync/lkqd_direct
  • https://cs.lkqd.net/cs?partnerId=61&partnerUserId=f0a6ab21c933460dde6038184b46d3ff
43 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=61&partnerUserId=f0a6ab21c933460dde6038184b46d3ff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:12 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=61&partnerUserId=f0a6ab21c933460dde6038184b46d3ff
Date
Sat, 30 Mar 2019 12:19:11 GMT
useSecure
true
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ImgSync
image8.pubmatic.com/AdServer/ Frame C54A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156759&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156759%26pr%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D63%2526part...
  • http://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=http%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26g...
  • http://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=http%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=XJ9ewAAAAHRw6wFr&gdpr=0&gdpr_consent=&_test=XJ9ewAAAAHRw6wFr
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:13 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Sat, 30 Mar 2019 12:19:13 GMT
X-lat
Pug22003:0:927
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
X-Cnection
close
Content-Type
text/html; charset=iso-8859-1
Content-Length
398
ImgSync
image8.pubmatic.com/AdServer/ Frame C54A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156759&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156759%26pr%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D69%2526part...
  • http://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=http%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26g...
  • http://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=http%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=XJ9ewAAAALZwoTCs&gdpr=0&gdpr_consent=&_test=XJ9ewAAAALZwoTCs
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:13 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8

Redirect headers

Location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Date
Sat, 30 Mar 2019 12:19:13 GMT
X-Cnection
close
X-lat
Pug22022:0:595
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
399
Content-Type
text/html; charset=iso-8859-1
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156759&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156759%26pr%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D70%2526part...
  • https://image4.pubmatic.com/AdServer/SPug?p=156759&pr=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D69%26partnerUserId%3D29D0C551-F37D-471B-8024-988D0B2EE08E
  • https://cs.lkqd.net/cs?partnerId=69&partnerUserId=29D0C551-F37D-471B-8024-988D0B2EE08E
43 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=69&partnerUserId=29D0C551-F37D-471B-8024-988D0B2EE08E
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:12 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=69&partnerUserId=29D0C551-F37D-471B-8024-988D0B2EE08E
Date
Sat, 30 Mar 2019 12:19:12 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
410
Content-Type
text/html; charset=iso-8859-1
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://x.mdhv.io/lq?IZRlNAIPIX0
  • https://cs.lkqd.net/cs?partnerId=74&partnerUserId=aznEgFEHRmSQBg1Jdb1WYQ
43 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=74&partnerUserId=aznEgFEHRmSQBg1Jdb1WYQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:12 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

status
307
date
Sat, 30 Mar 2019 12:19:12 GMT
via
1.1 google
content-length
112
location
https://cs.lkqd.net/cs?partnerId=74&partnerUserId=aznEgFEHRmSQBg1Jdb1WYQ
content-type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=1&gdpr_consent=&partnerUserId=s-Z5_rPgI6mrsyT64r1t-rLndayrtCWutbVw1baP
43 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=76&gdpr=1&gdpr_consent=&partnerUserId=s-Z5_rPgI6mrsyT64r1t-rLndayrtCWutbVw1baP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:13 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:13 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Location
https://cs.lkqd.net/cs?partnerId=76&gdpr=1&gdpr_consent=&partnerUserId=s-Z5_rPgI6mrsyT64r1t-rLndayrtCWutbVw1baP
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame C54A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=88&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D77%26partnerUserId%3D%5BMM_UUID%5D
  • https://cs.lkqd.net/cs?partnerId=77&partnerUserId=67b85c9f-5c65-4800-9ab4-9879323ab794
43 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=77&partnerUserId=67b85c9f-5c65-4800-9ab4-9879323ab794
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.120 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:12 GMT
server
nginx
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Date
Sat, 30 Mar 2019 12:19:12 GMT
Server
MT3 657 a2f706c master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.lkqd.net/cs?partnerId=77&partnerUserId=67b85c9f-5c65-4800-9ab4-9879323ab794
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 30 Mar 2019 12:19:11 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
87748725c8fd4cd28e20c57d926966db8f6c4f55f2fcdeb4bf1a975aede6401b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:09 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-2da6-583e0acf068a5"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
715
Expires
Sat, 30 Mar 2019 12:19:09 GMT
t
t.lkqd.net/ Frame 13B5 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.103 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
truncated
/ Frame C54A 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_627b678b.js
vpaid.springserve.net/production/ Frame 95E9 		419 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.net/production/vpaid_627b678b.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
AmazonS3 /
Resource Hash
c7f94653a38de4d99e3c5ff3f00aa2cdd909e7e853a1cce3832258887b078836

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:13 GMT
content-encoding
gzip
last-modified
Tue, 19 Mar 2019 16:50:46 GMT
server
AmazonS3
x-amz-request-id
FE7487A6B54141CC
etag
"fb1a486eb7252affd0a3720cd7eaf3c3"
x-hw
1553948353.dop008.pa1.t,1553948353.cds035.pa1.hn,1553948353.cds010.pa1.c
content-type
application/javascript
status
200
cache-control
max-age=30601945
accept-ranges
bytes
access-control-allow-origin
*
content-length
91895
x-amz-id-2
XeOp1LlL5dU1jDAoSaDiOIglGb1iRplc2hpvL/JXTWTkke8A2Ki+9M7qLiIiVukhDfC/vxcIjk0=
t
t.lkqd.net/ Frame 13B5 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.113 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
t
t.lkqd.net/ Frame 13B5 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.113 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
ac
www8.smartadserver.com/ 		129 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-448211861&vph=385&vpw=640&pgDomain=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&vpaidt=js&vpaidv=1,2gdpr=1&gdpr_consent=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
228
Expires
-1
t
t.lkqd.net/ Frame 13B5 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.103 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
access-control-allow-origin
https://signonvscreen-go.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
ac
www8.smartadserver.com/ 		129 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-1181708589&gdpr=1&gdpr_consent=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
228
Expires
-1
t
t.lkqd.net/ Frame 13B5 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.129.113 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com
Content-Type
application/json

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
server
nginx
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
ima3vpaid
tpc.googlesyndication.com/ 		962 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=314073442&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3459096636%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c059c6c1e89f56b93ab0a04af58a698adef6064253b80c5f09ba4ba229d6263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Mar 2019 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
private
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
626
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame DCAF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=314073442
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8b84efacd6eec05af6399e7ff4d020c44209ee76e0494e29cc2ff3013b0aceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Mar 2019 17:11:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
15408
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:34:09 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DCAF 		243 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=314073442
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b2bbbf299b9ef55b814e7837cce59810e13f4d07dd4c9b035435ee106183499b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
85023
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:07 GMT
bridge3.289.0_en.html
imasdk.googleapis.com/js/core/ Frame 291A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.289.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
183600
date
Tue, 26 Mar 2019 18:07:04 GMT
expires
Wed, 25 Mar 2020 18:07:04 GMT
last-modified
Tue, 26 Mar 2019 17:41:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
324726
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
client.js
s0.2mdn.net/instream/video/ Frame DCAF 		26 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10523
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:08 GMT
integrator.js
adservice.google.com/adsid/ Frame DCAF 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=signonvscreen-go.webcindario.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
223518
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/223518?VPAID=JS&content_page_url=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&cb=-939519862&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:10 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000282
X-SpotX-Timing-SpotMarket
0.022200
X-SpotX-Timing-Page-Mux
0.000212
X-SpotX-Timing-Page-Require
0.000328
X-fe
076
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000019
Content-Length
77
X-SpotX-Timing-Page
0.025367
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000272
Last-Modified
Sat, 30 Mar 2019 12:19:10 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.022200
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
X-SpotX-Timing-Page-Misc
0.002043
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ 		941 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-750433101&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
86146bb32604712a578542ff2920767d0130546ca5e4a28544a579529a5ae547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Mar 2019 12:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
private
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
608
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame C398 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8b84efacd6eec05af6399e7ff4d020c44209ee76e0494e29cc2ff3013b0aceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Mar 2019 17:11:07 GMT
server
sffe
age
428
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
15408
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:27:02 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C398 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b2bbbf299b9ef55b814e7837cce59810e13f4d07dd4c9b035435ee106183499b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
85023
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:12 GMT
bridge3.289.0_en.html
imasdk.googleapis.com/js/core/ Frame FE0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.289.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
183600
date
Tue, 26 Mar 2019 18:07:04 GMT
expires
Wed, 25 Mar 2020 18:07:04 GMT
last-modified
Tue, 26 Mar 2019 17:41:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
324728
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
client.js
s0.2mdn.net/instream/video/ Frame C398 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10523
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:12 GMT
integrator.js
adservice.google.com/adsid/ Frame C398 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=signonvscreen-go.webcindario.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
oath-viewability-sdk-v2.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 95E9 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk-v2.js
Requested by
Host: vpaid.springserve.net
URL: https://vpaid.springserve.net/production/vpaid_627b678b.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:7c:800::4000 , United Kingdom, ASN43428 (YAHOO-ULS, GB),
Reverse DNS
Software
ATS /
Resource Hash
04f22f0e0457a579504961f4c34a4b5f25b4db1717d5d7ef49723b5eff47bda4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 28 Mar 2019 08:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186012
x-amz-server-side-encryption
AES256
status
200
content-length
11961
strict-transport-security
max-age=15552000
x-amz-request-id
B1C61729545C6FC5
x-amz-id-2
+MJxNhmGdQ1h7grgXc7YL8zEfglfpQQ/3rpc6i1oqm1DKEaxtrUFIAEPSIZ5CbZcFEuXG+nV8cM=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Mar 2019 15:43:56 GMT
server
ATS
etag
"d74a824df667d5a71dbdcf100d6b3b85-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges
bytes
content-type
application/javascript
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 95E9 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: vpaid.springserve.net
URL: https://vpaid.springserve.net/production/vpaid_627b678b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6ce664ceae33cc2ae4c0e5dc84131f407280a570cd85af4e5d7620c41949f056

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:13 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-2da6-583e0acf068a5"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
715
Expires
Sat, 30 Mar 2019 12:19:13 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 95E9 		0
0
218947.js
js.spotx.tv/directsdk/v1/ Frame 95E9 		0
0
v2
es-sunicontent.videoplaza.tv/proxy/distributor/ 		49 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/MiArrobaDesktop&tt=p&rt=vast_2.0&rn=662300685&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d&vht=225&vwt=400
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.138.14 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-138.videoplaza.net
Software
/
Resource Hash
94e1a7df7b7c4695682434065dd9aebf52bb2ff9e8d4ff15cf2d5dd3bdb162be

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:13 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
es-sunicontent.videoplaza.tv/proxy/tracker/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEI9RGMsNIKbsEC0HH1JCNTJVVUE6BmJlcmxpbkIDIyMj&pf=fl_11&pid=02a34179-52e6-11e9-a673-0a58ac163806&s=MobusiIH/MiArrobaDesktop&tid=04e23583-52e6-11e9-9bb8-0a58ac16400f&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.138.14 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-138.videoplaza.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 30 Mar 2019 12:19:13 GMT
content-length
0
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D9CB 		146 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f4a145203541b8f36d96cf41a3245654a25e621c52e8e050c947674936bbe48

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:13 GMT
Last-Modified
Tue, 26 Mar 2019 11:59:08 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"140829f-24795-584fe0c7299e4"
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
149397
207956
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&cb=-2031721218&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:13 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000341
X-SpotX-Timing-SpotMarket
0.249015
X-SpotX-Timing-Page-Mux
0.000183
X-SpotX-Timing-Page-Require
0.000304
X-fe
130
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000022
Content-Length
77
X-SpotX-Timing-Page
0.252564
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000274
Last-Modified
Sat, 30 Mar 2019 12:19:13 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.074092
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
X-SpotX-Timing-Page-Misc
0.002416
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.174923
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 3AB6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=29D0C551-F37D-471B-8024-988D0B2EE08E; DPSync2=1553990400%3A174%7C1555113600%3A201_197; KRTBCOOKIE_18=22947-1041527793252699655; PugT=1553948348; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEBoxJgZn-epL005MflczmZo&KRTB&22987-CAESEBoxJgZn-epL005MflczmZo&KRTB&22995-CAESEBoxJgZn-epL005MflczmZo&KRTB&23025-CAESEBoxJgZn-epL005MflczmZo; KRTBCOOKIE_377=6810-0694ea20-b7f4-4367-83ca-8a842d362cd3&KRTB&22918-0694ea20-b7f4-4367-83ca-8a842d362cd3&KRTB&23031-0694ea20-b7f4-4367-83ca-8a842d362cd3; KRTBCOOKIE_27=16735-uid:dfe35c9f-5dd8-4000-91dc-b42af0f8783f&KRTB&16736-uid:dfe35c9f-5dd8-4000-91dc-b42af0f8783f; KRTBCOOKIE_391=22924-3984550581953449554; pp=156498; PMDTSHR=cat:; SyncRTB2=1554768000%3A63%7C1554508800%3A2_15%7C1555113600%3A54_8_56_71_7_46_21_22_161_3; ipc=156759^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156759%26pr%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D70%2526partnerUserId%253D%2523PMUID^2^0; SPugT=1553948352
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Last-Modified
Thu, 15 Nov 2018 04:53:43 GMT
ETag
"13006b6-9ed1-57aacd5c8da70"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
15271
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131527
Expires
Mon, 01 Apr 2019 00:51:20 GMT
Date
Sat, 30 Mar 2019 12:19:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D9CB 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
44a3b4335a2838d5f1e3da151d72565c434518a9eddcc796ca8d081d328384a9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Nov 2018 04:53:43 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-9ed1-57aacd5c8da70"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=131527
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
15271
Expires
Mon, 01 Apr 2019 00:51:20 GMT
ac
www8.smartadserver.com/ 		129 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-285126491&gdpr=1&gdpr_consent=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
228
Expires
-1
ac
www8.smartadserver.com/ 		129 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=298325983&vph=385&vpw=640&pgDomain=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&vpaidt=js&vpaidv=1,2gdpr=1&gdpr_consent=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Mar 2019 12:19:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
228
Expires
-1
ima3vpaid
tpc.googlesyndication.com/ 		962 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=481050466&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3459096636%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f24e9291059cfe3f2b98b261248ed334b0f01cc35421bd2e7718f7e6720b48cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
Origin
https://signonvscreen-go.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Mar 2019 12:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://signonvscreen-go.webcindario.com
cache-control
private
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
626
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 36DE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=481050466
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8b84efacd6eec05af6399e7ff4d020c44209ee76e0494e29cc2ff3013b0aceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Mar 2019 17:11:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
15408
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:34:13 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 36DE 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fchannel%3Dvastadp%26slotname%3D/143394101/ca-video-pub-8221793852898543-tag/3459096636%26gdfp_req%3Dtrue%26env%3Dvp%26tfcd%3D0%26output%3Dvast%26sz%3D400x300%257C640x480%26unviewed_position_start%3D1%26npa%3Dfalse%26video_url_to_fetch%3Dhttps://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php%253Fcmd%253D_account-details%26vpmute%3Dtrue%26vpos%3Dpreroll&correlator=481050466
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b2bbbf299b9ef55b814e7837cce59810e13f4d07dd4c9b035435ee106183499b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
85023
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:13 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D9CB 		27 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fsignonvscreen-go.webcindario.com%252Fbankofamerica%252Fedf24f85%252Fchallengevdl.php%253Fcmd%253D_account-details%2526session%253D513d30dbe99de35d0f6f419fbeefd410%2526dispatch%253D34b56c80c08f23092112c77e0ec02e15e60afd4d&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fsignonvscreen-go.webcindario.com%252Fbankofamerica%252Fedf24f85%252Fchallengevdl.php%253Fcmd%253D_account-details%2526session%253D513d30dbe99de35d0f6f419fbeefd410%2526dispatch%253D34b56c80c08f23092112c77e0ec02e15e60afd4d&vwndref=&vc=2&js=1&sec=1&kltstamp=2019-3-30%2012:19:13&ranreq=0.008874905511317754&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://signonvscreen-go.webcindario.com

Response headers

Date
Sat, 30 Mar 2019 12:19:13 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://signonvscreen-go.webcindario.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame D9CB 		0
0
track
aktrack.pubmatic.com/ Frame 95E9 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1553948353&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 30 Mar 2019 12:19:13 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
bridge3.289.0_en.html
imasdk.googleapis.com/js/core/ Frame DE73 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.289.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.289.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
183600
date
Tue, 26 Mar 2019 18:07:04 GMT
expires
Wed, 25 Mar 2020 18:07:04 GMT
last-modified
Tue, 26 Mar 2019 17:41:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
324730
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
client.js
s0.2mdn.net/instream/video/ Frame 36DE 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10523
x-xss-protection
0
expires
Sat, 30 Mar 2019 12:19:14 GMT
integrator.js
adservice.google.com/adsid/ Frame 36DE 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=signonvscreen-go.webcindario.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signonvscreen-go.webcindario.com/bankofamerica/edf24f85/challengevdl.php?cmd=_account-details&session=513d30dbe99de35d0f6f419fbeefd410&dispatch=34b56c80c08f23092112c77e0ec02e15e60afd4d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 30 Mar 2019 12:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=d4ab9f5b-8b2a-498a-aaa6-b6c55933f065
Domain
media.sabio.us
URL
https://media.sabio.us/imp_pixel?invsrc=11&secure=1
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=http%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
js.spotx.tv
URL
https://js.spotx.tv/directsdk/v1/218947.js
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1553948354&wa=0&e=95&vc=2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer object| adsbygoogle function| unhideBody object| google_tag_manager string| GoogleAnalyticsObject function| mia_ga object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| vpaidLoader object| lkqd function| lkqd_http_response string| uAgent number| SMGDPRKey object| device object| SMInHome object| mobile_blocked_mfs object| adblockDetector object| pixel2 string| url number| sm_conscore_rnda number| sm_conscore_rndb object| agkn function| setUpAgknTag object| _comscore object| SMCurrentPlayer function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet function| udm_ object| ns_p object| COMSCORE object| closure_lm_591136 object| closure_lm_538039 object| closure_lm_119758 object| closure_lm_453259

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.signonvscreen-go.webcindario.com/ Name: _gat_UA-597118-7
Value: 1
.signonvscreen-go.webcindario.com/ Name: _gid
Value: GA1.3.1007261578.1553948342
.signonvscreen-go.webcindario.com/ Name: _ga
Value: GA1.3.600640566.1553948342
signonvscreen-go.webcindario.com/ Name: PHPSESSID
Value: fa3b3ef722e6b9ba0c418b1d0b72a1ed
.webcindario.com/ Name: __muid
Value: bab8477f86b052777b7495827977ccc7670ae7a6

16 Console Messages

Source Level URL
Text
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:PM AdRequest Time: 0.856secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:Ad Error Time: 0.864secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:Total Component Time since player call: 0.975secs.
console-api warning URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:PM AdRequest Time: 0.521secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:Ad Error Time: 0.524secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-info:Total Component Time since player call: 0.592secs.
console-api warning URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fsignonvscreen-go.webcindario.com%2Fbankofamerica%2Fedf24f85%2Fchallengevdl.php%3Fcmd%3D_account-details%26session%3D513d30dbe99de35d0f6f419fbeefd410%26dispatch%3D34b56c80c08f23092112c77e0ec02e15e60afd4d(Line 183)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.lkqd.net
ads.pubmatic.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
beacon.krxd.net
bh.contextweb.com
cdn-ssl.vidible.tv
cm.g.doubleclick.net
cms.quantserve.com
cookie.brealtime.com
cs.lkqd.net
csync.loopme.me
d.agkn.com
d.turn.com
dpm.demdex.net
dt-secure.videohub.tv
es-sunicontent.videoplaza.tv
fonts.googleapis.com
googleads.g.doubleclick.net
gu.dyntrk.com
hosting.miarroba.info
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
js.agkn.com
js.spotx.tv
match.adsrvr.org
media.sabio.us
mx-sunmedia.videoplaza.tv
pagead2.googlesyndication.com
pixeltrack.eyeviewads.com
rtb.adentifi.com
s.richaudience.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure.adnxs.com
signonvscreen-go.webcindario.com
stags.bluekai.com
static.addevweb.com
static.sunmedia.tv
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.tidaltv.com
t.lkqd.net
tpc.googlesyndication.com
track.eyeviewads.com
track.sunmedia.tv
us-u.openx.net
v.lkqd.net
vid.pubmatic.com
vpaid.pubmatic.com
vpaid.springserve.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www8.smartadserver.com
x.mdhv.io
aktrack.pubmatic.com
cs.lkqd.net
csync.loopme.me
ib.adnxs.com
js.spotx.tv
media.sabio.us
t.lkqd.net
104.111.214.103
104.111.241.32
104.17.119.107
146.20.129.103
146.20.129.113
146.20.129.120
146.20.133.41
146.20.133.47
151.101.192.166
151.101.2.49
172.217.18.162
173.241.240.143
185.103.39.29
185.28.138.14
185.29.135.48
185.33.223.216
185.64.189.110
185.64.189.111
185.64.189.114
185.64.189.216
185.86.137.42
185.94.180.123
2.18.233.180
2001:4860:4802:32::15
205.185.216.10
2600:9000:200d:e600:15:efbc:e300:93a1
2606:4700:20::6819:ce08
2a00:1288:7c:800::4000
2a00:1450:4001:806::200e
2a00:1450:4001:814::2003
2a00:1450:4001:815::2002
2a00:1450:4001:816::2004
2a00:1450:4001:818::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2006
2a00:1450:4001:820::2008
2a00:1450:4001:824::2002
2a00:1450:4001:825::200a
2a00:1450:400c:c0c::9a
3.17.116.255
3.93.230.61
34.95.92.78
37.59.34.134
46.228.164.13
5.57.226.202
51.68.180.203
51.77.128.18
52.215.24.84
52.23.95.206
52.5.0.37
54.154.201.99
54.154.86.186
54.247.70.45
54.85.109.204
67.226.210.14
69.16.175.42
91.228.74.213
003d8bc4b3f51753c68f64ce4feb02ddfb9d0c6c94702c113ece56fab6ec0fd5
021ece809cc629f17524c1e4de64b3a3d88960389d5b4dc052d3e82e70ff93ba
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f22f0e0457a579504961f4c34a4b5f25b4db1717d5d7ef49723b5eff47bda4
0857735bef9a9a42050687fd58a3d5e2c0fc22cc9fe9ce0293c8f78edce7b366
0a6a28ee80c24971a045e09708a8ee84c21294f0e7f37fe06936414171af3d03
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201
1dbaa336651d898b99626cd80ec5f2ca9b0971429d6e0d9c20bead1322c362c7
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2939d607a8ad67edbc7ade28075844c18c904d4b2b87145db848382a50af0214
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2
3647cb4d72a5035b8d5580e571f570eb91c5e808b39493ca98139206db4ca28c
36870b7962d775ac7400b1931ae54b1e978d3495323882bb351b7b7afae46114
3bd5ac9684632300424ca98cbe5c5ee9af57d20ba97ced23899daf5ea9bd6685
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
44a3b4335a2838d5f1e3da151d72565c434518a9eddcc796ca8d081d328384a9
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60
4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877
4f4a145203541b8f36d96cf41a3245654a25e621c52e8e050c947674936bbe48
535a78c686e15e06175d5b99a166b27fe915a8a5f526df00b355f9ca0032e122
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5f8b7b252822d5661b6e0d3a9bc341e682358dadc6b43e02d43a7c95596b250b
5fd8adf973b00b328041f9a86c8f304d4edec897854dfc24830ea557030b819b
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
6ce664ceae33cc2ae4c0e5dc84131f407280a570cd85af4e5d7620c41949f056
72042d3923be4aed26983c927543df8fde3fe290257e4afc1215d3e6d9e8d6c2
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb
7d858bbadc7cce39e10f8f57fea3e64377c57581b9ac7b3384dca9a1c70de895
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
7ed393c0873191e300cd7674d7c5d52ba57ac69092c8d101abe7849967bc3811
86146bb32604712a578542ff2920767d0130546ca5e4a28544a579529a5ae547
8723cae31a124bb3aba17b012e29bfc6360ecba1b40661077000e8a97afa0e55
87748725c8fd4cd28e20c57d926966db8f6c4f55f2fcdeb4bf1a975aede6401b
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
94e1a7df7b7c4695682434065dd9aebf52bb2ff9e8d4ff15cf2d5dd3bdb162be
94f243198ac37ef309f89bf03a8faf0c93c1c5a45a39f46c1ca7491306b0ac68
971008b72af43541badbada12dbdccb084a1a5df78928f28fc7ad2694a01c21b
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9ed6308b644f91c953d318635ae4c5ea03977a40badb5c0ea94e963dd343a8dc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a32e6bf7721ac406684c7d5205314007a46eb6fefed76390ce5063c52e54ba6c
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a841b2c897a2907ff40cca3d1f9f2a912f98a260a9b9b59fdb418148d122bda8
b0f184fbe0d818a5c23b5540423a251bef3290d1968df6c9c456f1887d391ec0
b2bbbf299b9ef55b814e7837cce59810e13f4d07dd4c9b035435ee106183499b
b839034f628a96a6dda89a49b8bce1f25a8028c328a8c4a3a49ffb3c053ad1f8
b8b84efacd6eec05af6399e7ff4d020c44209ee76e0494e29cc2ff3013b0aceb
bc4dce29948a68257d214f6c1e87337294023b885d59b0866a39ec462387598c
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412
c059c6c1e89f56b93ab0a04af58a698adef6064253b80c5f09ba4ba229d6263b
c7f94653a38de4d99e3c5ff3f00aa2cdd909e7e853a1cce3832258887b078836
ca15c6cff19e548f8d87231c5b94f459a1631a8157ae81122101e3ed072b60a3
dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151
e0a182c2bdf5f43ea94112774f76f3e6c15d75f27278bd943e0da1a96724c33e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edf4a266c4821ae290a774915059a28ec8f0ccfe2a3ec910a4c89f94d42e24cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a23903096874ca71eb7363dd68fa44696d8d013f87f11d2c3aa868fc8df989
f24e9291059cfe3f2b98b261248ed334b0f01cc35421bd2e7718f7e6720b48cc