capitalone.banklocationmaps.com Open in urlscan Pro
52.203.96.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capitalone.banklocationmaps.com/
Effective URL:
https://capitalone.banklocationmaps.com/
Submission: On May 21 via api (May 21st 2021, 5:03:55 am UTC) from US

Summary HTTP 103 Redirects Links 65 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 13 domains to perform 103 HTTP transactions. The main IP is 52.203.96.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is capitalone.banklocationmaps.com.
TLS certificate: Issued by R3 on April 18th 2021. Valid for: 3 months.

This is the only time capitalone.banklocationmaps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.203.96.188 52.203.96.188	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:206... 2600:9000:206f:b400:7:9a11:48c0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2012	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2012	15169 (GOOGLE) (GOOGLE)
103	22

2 52.203.96.188 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

capitalone.banklocationmaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:b400:7:9a11:48c0:21 (United States)

ASN16509 (AMAZON-02, US)

dj135koobai3n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

khms0.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)

p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dzc-v6exp3-ds.metric.ipv6test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2012 (Ireland)

ASN15169 (GOOGLE, US)

dzc-v6exp3-ds.metric.ipv6test.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	449 KB
17	googleapis.com fonts.googleapis.com maps.googleapis.com khms0.googleapis.com	308 KB
13	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	69 KB
11	gstatic.com fonts.gstatic.com maps.gstatic.com p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com www.gstatic.com	360 KB
11	google.com 2 redirects www.google.com adservice.google.com	28 KB
6	cloudfront.net dj135koobai3n.cloudfront.net	254 KB
4	googletagservices.com www.googletagservices.com	135 KB
3	google.de www.google.de adservice.google.de	394 B
2	google-analytics.com www.google-analytics.com	19 KB
2	banklocationmaps.com 1 redirects capitalone.banklocationmaps.com	7 KB
1	ipv6test.net dzc-v6exp3-ds.metric.ipv6test.net	410 B
1	ipv6test.com dzc-v6exp3-ds.metric.ipv6test.com	410 B
1	googleadservices.com partner.googleadservices.com	268 B
103	13

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com capitalone.banklocationmaps.com pagead2.googlesyndication.com
12	maps.googleapis.com	www.google.com maps.googleapis.com capitalone.banklocationmaps.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	capitalone.banklocationmaps.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	www.google.com	2 redirects capitalone.banklocationmaps.com maps.googleapis.com
6	dj135koobai3n.cloudfront.net	capitalone.banklocationmaps.com dj135koobai3n.cloudfront.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	capitalone.banklocationmaps.com tpc.googlesyndication.com maps.googleapis.com googleads.g.doubleclick.net
3	maps.gstatic.com	www.google.com capitalone.banklocationmaps.com
2	p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	capitalone.banklocationmaps.com www.google-analytics.com
2	capitalone.banklocationmaps.com	1 redirects
1	dzc-v6exp3-ds.metric.ipv6test.net
1	dzc-v6exp3-ds.metric.ipv6test.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	khms0.googleapis.com	capitalone.banklocationmaps.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	capitalone.banklocationmaps.com
1	stats.g.doubleclick.net	www.google-analytics.com
103	22

This site contains links to these domains. Also see Links.

Domain
www.banklocationmaps.com
www.capitalone.com
en.wikipedia.org
abc.banklocationmaps.com
allpoint.banklocationmaps.com
anz.banklocationmaps.com
bdo.banklocationmaps.com
bankofamerica.banklocationmaps.com
bankofchina.banklocationmaps.com
bankofmelbourne.banklocationmaps.com
boq.banklocationmaps.com
barclays.banklocationmaps.com
bbva.banklocationmaps.com
bendigo.banklocationmaps.com
bmo.banklocationmaps.com
bnp.banklocationmaps.com
chase.banklocationmaps.com
ccb.banklocationmaps.com
cibc.banklocationmaps.com
citibank.banklocationmaps.com
comerica.banklocationmaps.com
cba.banklocationmaps.com
dbs.banklocationmaps.com
emirates.banklocationmaps.com
fifththird.banklocationmaps.com
hdfc.banklocationmaps.com
hsbc.banklocationmaps.com
huntington.banklocationmaps.com
icbc.banklocationmaps.com
keybank.banklocationmaps.com
landbank.banklocationmaps.com
laurentian.banklocationmaps.com
lloyds.banklocationmaps.com
metrobank.banklocationmaps.com
mtb.banklocationmaps.com
mufg.banklocationmaps.com
nab.banklocationmaps.com
nbc.banklocationmaps.com
nationwide.banklocationmaps.com
ocbc.banklocationmaps.com
pnb.banklocationmaps.com
pnc.banklocationmaps.com
rbc.banklocationmaps.com
regions.banklocationmaps.com
rbs.banklocationmaps.com
santander.banklocationmaps.com
scotiabank.banklocationmaps.com
standardchartered.banklocationmaps.com
sbi.banklocationmaps.com
stgeorge.banklocationmaps.com
suncorp.banklocationmaps.com
tdbank.banklocationmaps.com
truist.banklocationmaps.com
tsb.banklocationmaps.com
ubs.banklocationmaps.com
uob.banklocationmaps.com
usbank.banklocationmaps.com
wellsfargo.banklocationmaps.com
westpac.banklocationmaps.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
capitalone.banklocationmaps.com R3	`2021-04-18` - `2021-07-17`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.metric.ipv6test.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.metric.ipv6test.net GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://capitalone.banklocationmaps.com/
Frame ID: 9AB2C548014D95354AA59468C6DA3A84
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2
Frame ID: B79AB53CA8A19732AEAA17F321AC4FA8
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 21C40D50460CB0B7248A74DADA2988A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=90&slotname=5074757856&adk=3807483278&adf=4258829193&pi=t.ma~as.5074757856&w=970&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=2&psa=0&format=970x90&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416300&bpp=8&bdt=466&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5795101123941&frm=20&pv=2&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mO1tNZYO6h&p=https%3A//capitalone.banklocationmaps.com&dtd=96
Frame ID: DBDCE2A68CF51266B69FF68B2BABF86B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=250&slotname=7234017332&adk=2300315155&adf=1932483714&pi=t.ma~as.7234017332&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416308&bpp=3&bdt=474&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TqRneOw5Vs&p=https%3A//capitalone.banklocationmaps.com&dtd=109
Frame ID: 26BF3AF40548A95609C6FD5C07690828
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=600&slotname=7152280375&adk=3712256781&adf=4098850427&pi=t.ma~as.7152280375&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416311&bpp=3&bdt=476&idt=116&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x250&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mBYm1ZLXAk&p=https%3A//capitalone.banklocationmaps.com&dtd=124
Frame ID: E2E6963DC00CF4ECD49E3EA1C3702270
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&adk=1812271804&adf=3025194257&lmt=1621573416&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416314&bpp=2&bdt=479&idt=138&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x250%2C300x600&nras=1&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=155
Frame ID: 9E92086F13C69D98C8C3CE378D215BF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 60A8D73638A972E7FD1AB12225B58519
Requests: 2 HTTP requests in this frame

Frame: https://p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 48FEC2CDE016DAB0DDD23882C817DB2D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html
Frame ID: B4CCE9876D7A2ADF6F23403D9310BED4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1EAC82A76ED309E93B23DB57986F99F9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Frame ID: 0940BDF1C3573AE96FFDE845769346BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Frame ID: C87F6CA43EAD7C74570E7C3648EED3FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D490E6FDF4A52F4FE2D72DB03A090E46
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://capitalone.banklocationmaps.com/ HTTP 301
https://capitalone.banklocationmaps.com/ Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

103
Requests

99 %
HTTPS

81 %
IPv6

13
Domains

22
Subdomains

22
IPs

4
Countries

1631 kB
Transfer

3520 kB
Size

1
Cookies

65 Outgoing links

These are links going to different origins than the main page.

URL: https://www.banklocationmaps.com/
Title: Bank Location Maps

Search URL Search Domain Scan URL

URL: https://www.banklocationmaps.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.capitalone.com/
Title: Capital One Website

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Capital_One
Title: Capital One Information

Search URL Search Domain Scan URL

URL: https://abc.banklocationmaps.com/
Title: ABC

Search URL Search Domain Scan URL

URL: https://allpoint.banklocationmaps.com/
Title: Allpoint

Search URL Search Domain Scan URL

URL: https://anz.banklocationmaps.com/
Title: ANZ

Search URL Search Domain Scan URL

URL: https://bdo.banklocationmaps.com/
Title: BDO

Search URL Search Domain Scan URL

URL: https://bankofamerica.banklocationmaps.com/
Title: BofA

Search URL Search Domain Scan URL

URL: https://bankofchina.banklocationmaps.com/
Title: BOC

Search URL Search Domain Scan URL

URL: https://bankofmelbourne.banklocationmaps.com/
Title: Bank of Melbourne

Search URL Search Domain Scan URL

URL: https://boq.banklocationmaps.com/
Title: BOQ

Search URL Search Domain Scan URL

URL: https://barclays.banklocationmaps.com/
Title: Barclays

Search URL Search Domain Scan URL

URL: https://bbva.banklocationmaps.com/
Title: BBVA

Search URL Search Domain Scan URL

URL: https://bendigo.banklocationmaps.com/
Title: Bendigo Bank

Search URL Search Domain Scan URL

URL: https://bmo.banklocationmaps.com/
Title: BMO

Search URL Search Domain Scan URL

URL: https://bnp.banklocationmaps.com/
Title: BNP

Search URL Search Domain Scan URL

URL: https://chase.banklocationmaps.com/
Title: Chase

Search URL Search Domain Scan URL

URL: https://ccb.banklocationmaps.com/
Title: CCB

Search URL Search Domain Scan URL

URL: https://cibc.banklocationmaps.com/
Title: CIBC

Search URL Search Domain Scan URL

URL: https://citibank.banklocationmaps.com/
Title: Citibank

Search URL Search Domain Scan URL

URL: https://comerica.banklocationmaps.com/
Title: Comerica

Search URL Search Domain Scan URL

URL: https://cba.banklocationmaps.com/
Title: CBA

Search URL Search Domain Scan URL

URL: https://dbs.banklocationmaps.com/
Title: DBS

Search URL Search Domain Scan URL

URL: https://emirates.banklocationmaps.com/
Title: Emirates

Search URL Search Domain Scan URL

URL: https://fifththird.banklocationmaps.com/
Title: Fifth Third

Search URL Search Domain Scan URL

URL: https://hdfc.banklocationmaps.com/
Title: HDFC

Search URL Search Domain Scan URL

URL: https://hsbc.banklocationmaps.com/
Title: HSBC

Search URL Search Domain Scan URL

URL: https://huntington.banklocationmaps.com/
Title: Huntington

Search URL Search Domain Scan URL

URL: https://icbc.banklocationmaps.com/
Title: ICBC

Search URL Search Domain Scan URL

URL: https://keybank.banklocationmaps.com/
Title: KeyBank

Search URL Search Domain Scan URL

URL: https://landbank.banklocationmaps.com/
Title: LBP

Search URL Search Domain Scan URL

URL: https://laurentian.banklocationmaps.com/
Title: LBC

Search URL Search Domain Scan URL

URL: https://lloyds.banklocationmaps.com/
Title: Lloyds

Search URL Search Domain Scan URL

URL: https://metrobank.banklocationmaps.com/
Title: MBT

Search URL Search Domain Scan URL

URL: https://mtb.banklocationmaps.com/
Title: MTB

Search URL Search Domain Scan URL

URL: https://mufg.banklocationmaps.com/
Title: MUFG

Search URL Search Domain Scan URL

URL: https://nab.banklocationmaps.com/
Title: NAB

Search URL Search Domain Scan URL

URL: https://nbc.banklocationmaps.com/
Title: NBC

Search URL Search Domain Scan URL

URL: https://nationwide.banklocationmaps.com/
Title: Nationwide

Search URL Search Domain Scan URL

URL: https://ocbc.banklocationmaps.com/
Title: OCBC

Search URL Search Domain Scan URL

URL: https://pnb.banklocationmaps.com/
Title: PNB

Search URL Search Domain Scan URL

URL: https://pnc.banklocationmaps.com/
Title: PNC

Search URL Search Domain Scan URL

URL: https://rbc.banklocationmaps.com/
Title: RBC

Search URL Search Domain Scan URL

URL: https://regions.banklocationmaps.com/
Title: Regions

Search URL Search Domain Scan URL

URL: https://rbs.banklocationmaps.com/
Title: RBS

Search URL Search Domain Scan URL

URL: https://santander.banklocationmaps.com/
Title: Santander

Search URL Search Domain Scan URL

URL: https://scotiabank.banklocationmaps.com/
Title: Scotiabank

Search URL Search Domain Scan URL

URL: https://standardchartered.banklocationmaps.com/
Title: SC

Search URL Search Domain Scan URL

URL: https://sbi.banklocationmaps.com/
Title: SBI

Search URL Search Domain Scan URL

URL: https://stgeorge.banklocationmaps.com/
Title: St.George

Search URL Search Domain Scan URL

URL: https://suncorp.banklocationmaps.com/
Title: Suncorp

Search URL Search Domain Scan URL

URL: https://tdbank.banklocationmaps.com/
Title: TD

Search URL Search Domain Scan URL

URL: https://truist.banklocationmaps.com/
Title: Truist

Search URL Search Domain Scan URL

URL: https://tsb.banklocationmaps.com/
Title: TSB

Search URL Search Domain Scan URL

URL: https://ubs.banklocationmaps.com/
Title: UBS

Search URL Search Domain Scan URL

URL: https://uob.banklocationmaps.com/
Title: UOB

Search URL Search Domain Scan URL

URL: https://usbank.banklocationmaps.com/
Title: US Bank

Search URL Search Domain Scan URL

URL: https://wellsfargo.banklocationmaps.com/
Title: Wells Fargo

Search URL Search Domain Scan URL

URL: https://westpac.banklocationmaps.com/
Title: Westpac

Search URL Search Domain Scan URL

URL: https://www.banklocationmaps.com/copyright-notice
Title: Copyright Notice

Search URL Search Domain Scan URL

URL: https://www.banklocationmaps.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.banklocationmaps.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://twitter.com/BankLocationMap
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BankLocationMaps
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capitalone.banklocationmaps.com/ HTTP 301
https://capitalone.banklocationmaps.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

103 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
capitalone.banklocationmaps.com/
Redirect Chain

http://capitalone.banklocationmaps.com/
https://capitalone.banklocationmaps.com/

26 KB
7 KB

349ms
137ms

Document
text/html

52.203.96.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://capitalone.banklocationmaps.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.96.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Cowboy /

Resource Hash

bc7199d4e06c2f8cc7ff6fe395cdb93255a71a789a36b103eb16f1c4f3de225b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: capitalone.banklocationmaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Cowboy
Date: Fri, 21 May 2021 05:03:34 GMT
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Content-Type: text/html; charset=utf-8
Etag: W/"bc7199d4e06c2f8cc7ff6fe395cdb932"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 0926b9ff-0fb9-4526-a95e-b6ec349fa32d
X-Runtime: 0.026071
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur

Redirect headers

Server: Cowboy
Date: Fri, 21 May 2021 05:03:34 GMT
Connection: keep-alive
Content-Type: text/html
Location: https://capitalone.banklocationmaps.com/
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H2 200 bank-location-maps-skyline-046bcf96bcd78836d4fe2dd7c66f19933837413df7ce34eb0470f2cba676150f.png
dj135koobai3n.cloudfront.net/assets/ 144 KB
145 KB 46ms
16ms Image
image/png 2600:9000:206f:b400:7:9a11:48c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dj135koobai3n.cloudfront.net/assets/bank-location-maps-skyline-046bcf96bcd78836d4fe2dd7c66f19933837413df7ce34eb0470f2cba676150f.png

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:b400:7:9a11:48c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

d3a669586da991aae07041e09e6d6c622dc268f5b392e927568eab1f1e3b3fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 05:58:33 GMT
via: 1.1 vegur, 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Sat, 12 Sep 2020 10:42:26 GMT
server: Cowboy
age: 947101
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: public, max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-cf-id: c0WwRfYxL3LzCM0nWABaZJESAAkzwkBuv_QSljaXLif2bEkFq921DA==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
676 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500,700&display=swap

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbbf9f9ba589a91f29a59a64ebf77dcdbb61e13f830c02c18b8899aef166adea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 May 2021 04:22:53 GMT
server: ESF
date: Fri, 21 May 2021 05:03:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 May 2021 05:03:35 GMT

GET
H2 200 application-c38552bbf5fd4983e857aa5e95bc20346b81b2441aad3f82d8daf08d56059941.css
dj135koobai3n.cloudfront.net/assets/ 183 KB
26 KB 39ms
14ms Stylesheet
text/css 2600:9000:206f:b400:7:9a11:48c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dj135koobai3n.cloudfront.net/assets/application-c38552bbf5fd4983e857aa5e95bc20346b81b2441aad3f82d8daf08d56059941.css

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:b400:7:9a11:48c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

2013ea9dd7fd75d4f5685e433fbd4a40074c4037dd263f6e1028784f8aa04db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:06:56 GMT
via: 1.1 vegur, 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 12:47:22 GMT
server: Cowboy
age: 626199
vary: Accept-Encoding,Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
content-type: text/css
cache-control: public, max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-encoding: br
x-amz-cf-id: yPNe03UWFo-m6_lC6RM1f50cc4y-iLPCBpggZlgL3pIJpdv6AcBLhA==

GET
H2 200 application-359b73e5018bf8aec347a37a1bdc014c25a7aad50a5f6005e12cc1b4b27f7e12.js Show response
dj135koobai3n.cloudfront.net/assets/ 100 KB
34 KB 46ms
21ms Script
application/javascript 2600:9000:206f:b400:7:9a11:48c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dj135koobai3n.cloudfront.net/assets/application-359b73e5018bf8aec347a37a1bdc014c25a7aad50a5f6005e12cc1b4b27f7e12.js

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:b400:7:9a11:48c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

14e6a8aa47524090488341ff837d39891c6960c11f5cb3d47df762aa7bce7a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:06:56 GMT
via: 1.1 vegur, 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 12:02:47 GMT
server: Cowboy
age: 626199
vary: Accept-Encoding,Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-encoding: br
x-amz-cf-id: _l2Trv8oRO_nt6ZWvc_4V9LKKgVCmnavkHhybs350CM5lF6edw5lwA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5619
date: Fri, 21 May 2021 03:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 21 May 2021 05:29:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 May 2021 05:03:35 GMT

GET
H2 200 logo-8adfff5218c20a4fd8fe911d9f464bf717d5f4262f5d9b7fa60d32b3a460a61e.png
dj135koobai3n.cloudfront.net/assets/ 5 KB
6 KB 13ms
12ms Image
image/png 2600:9000:206f:b400:7:9a11:48c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dj135koobai3n.cloudfront.net/assets/logo-8adfff5218c20a4fd8fe911d9f464bf717d5f4262f5d9b7fa60d32b3a460a61e.png

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:b400:7:9a11:48c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

ce8c56c639b661da7a9cae220241099dbdf4cc4a859fbdce4c907f54a8cd58be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 05:58:33 GMT
via: 1.1 vegur, 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jun 2020 03:12:01 GMT
server: Cowboy
age: 947101
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: public, max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-cf-id: BsZA_-UWYh-dEcY9EJvZhgGRorihYG3VHBLtIkZmOrIh57AxfY7ZbQ==

GET
H2 200 capitalone-bdc4a77f45dae44b1ccd4a69adc760d61e26c78e9bac0758ef9d661aa1ee8671.webp
dj135koobai3n.cloudfront.net/assets/logos/ 2 KB
3 KB 13ms
13ms Image
image/webp 2600:9000:206f:b400:7:9a11:48c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dj135koobai3n.cloudfront.net/assets/logos/capitalone-bdc4a77f45dae44b1ccd4a69adc760d61e26c78e9bac0758ef9d661aa1ee8671.webp

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:b400:7:9a11:48c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

3c578fddd74eecf585bb7d945bc2750080edcac1640c96e91869a84afe94f221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 06:31:11 GMT
via: 1.1 vegur, 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Wed, 24 Feb 2021 11:48:51 GMT
server: Cowboy
age: 945144
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
cache-control: public, max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-cf-id: uarTzs5WfJK1LK2g0bMGxAh4wzKe_F-jHS017GjaiGXM_cM-OxHLaQ==

GET
H2 200 view Show response
www.google.com/maps/embed/v1/ Frame B79A 1 KB
897 B 43ms
43ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

95a77ffd7973e214f9a912d7fa7d190a37b25c3983f67b364f583f55cef06d33

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-f+GiZz9t4FEthaYbCPdkBw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://capitalone.banklocationmaps.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://capitalone.banklocationmaps.com/

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 21 May 2021 05:03:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-f+GiZz9t4FEthaYbCPdkBw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 607
x-xss-protection: 0
server-timing: gfet4t7; dur=29
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v12/ 36 KB
36 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v12/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://capitalone.banklocationmaps.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:48:29 GMT
server: sffe
age: 413997
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36444
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET bankmaps-icons-60f206fde945d87bc301aabb67e9c539c6318b5d3151e788dfe71b944139b01c.woff2
dj135koobai3n.cloudfront.net/assets/ 0
0

GET
H2 200 bankmaps-icons-a41b1078c4e26c05e1327361d53d19e596f31593ad7dbe849f5a7dde5bdcecb5.woff
dj135koobai3n.cloudfront.net/assets/ 66 KB
41 KB 10ms
8ms Font
application/font-woff 2600:9000:206f:b400:7:9a11:48c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dj135koobai3n.cloudfront.net/assets/bankmaps-icons-a41b1078c4e26c05e1327361d53d19e596f31593ad7dbe849f5a7dde5bdcecb5.woff

Requested by

Host: dj135koobai3n.cloudfront.net
URL: https://dj135koobai3n.cloudfront.net/assets/application-c38552bbf5fd4983e857aa5e95bc20346b81b2441aad3f82d8daf08d56059941.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:b400:7:9a11:48c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

9e373306df049dc75efb9c4e7177b03270fbd60ec68ba9c22455bee13f29c240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://capitalone.banklocationmaps.com
Referer: https://dj135koobai3n.cloudfront.net/assets/application-c38552bbf5fd4983e857aa5e95bc20346b81b2441aad3f82d8daf08d56059941.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 06:10:04 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 946411
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Sat, 12 Sep 2020 10:42:26 GMT
server: Cowboy
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/font-woff
via: 1.1 vegur, 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: UNepfV9Tmr5hyT7MBso7j0ZMLQEdgh1LrwAHII5D-QFdAmsLRu7wvw==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1847109765&t=pageview&_s=1&dl=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&ul=en-us&de=UTF-8&dt=Capital%20One%20Bank%20Locations%20Worldwide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=679355934&gjid=1020559349&cid=1772028238.1621573416&tid=UA-5747638-1&_gid=1162106523.1621573416&_r=1&_slc=1&z=1895297148

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitalone.banklocationmaps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 21C4 10 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://capitalone.banklocationmaps.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://capitalone.banklocationmaps.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 May 2021 22:33:52 GMT
expires: Thu, 03 Jun 2021 22:33:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 23384
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame B79A 135 KB
44 KB 47ms
6ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e09f7a05836f0aa4adddbbd9cb21f080395ae0ca38ae2dbed54d1babbc982373

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:52:12 GMT
content-encoding: gzip
server: mafe
age: 684
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=10
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45164
x-xss-protection: 0
expires: Fri, 21 May 2021 05:22:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
98 B 24ms
23ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5747638-1&cid=1772028238.1621573416&jid=679355934&gjid=1020559349&_gid=1162106523.1621573416&_u=IEBAAEAAAAAAAC~&z=868406606

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 21 May 2021 05:03:36 GMT
content-type: text/plain
access-control-allow-origin: https://capitalone.banklocationmaps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0518266783580711&plah=capitalone.banklocationmaps.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 26ms
22ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5747638-1&cid=1772028238.1621573416&jid=679355934&_u=IEBAAEAAAAAAAC~&z=329452601

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5747638-1&cid=1772028238.1621573416&jid=679355934&_u=IEBAAEAAAAAAAC~&z=329452601

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
268 B 31ms
31ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=capitalone.banklocationmaps.com&callback=_gfp_s_&client=ca-pub-0518266783580711

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0518266783580711&plah=capitalone.banklocationmaps.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e23a98da0978cd56f083ead1c27426f8e190e0cf3d07a1a1dc20961093ad840e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=capitalone.banklocationmaps.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=capitalone.banklocationmaps.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBDC 51 KB
20 KB 438ms
436ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=90&slotname=5074757856&adk=3807483278&adf=4258829193&pi=t.ma~as.5074757856&w=970&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=2&psa=0&format=970x90&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416300&bpp=8&bdt=466&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5795101123941&frm=20&pv=2&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mO1tNZYO6h&p=https%3A//capitalone.banklocationmaps.com&dtd=96

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8f8d1979db2712d63546217621c57437ec5b437891ab4efd8feac5183ef7d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0518266783580711&output=html&h=90&slotname=5074757856&adk=3807483278&adf=4258829193&pi=t.ma~as.5074757856&w=970&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=2&psa=0&format=970x90&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416300&bpp=8&bdt=466&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5795101123941&frm=20&pv=2&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mO1tNZYO6h&p=https%3A//capitalone.banklocationmaps.com&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://capitalone.banklocationmaps.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://capitalone.banklocationmaps.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 05:03:36 GMT
server: cafe
content-length: 20504
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 05:18:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 05:03:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 29ms
29ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424113157718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26BF 57 KB
19 KB 451ms
450ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=250&slotname=7234017332&adk=2300315155&adf=1932483714&pi=t.ma~as.7234017332&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416308&bpp=3&bdt=474&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TqRneOw5Vs&p=https%3A//capitalone.banklocationmaps.com&dtd=109

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25efcaff321dc89e5a4d8afb8e2b4d89f498b78b42ebde050599e33e31adf867

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjw2tv_2fACFTHREQgdhKwA9Q&gqi=KD-nYI31Gdip3gOgnYq4BA&layout=/sadbundle/%24csp%253Der3%24/6728049052606267392/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0518266783580711&output=html&h=250&slotname=7234017332&adk=2300315155&adf=1932483714&pi=t.ma~as.7234017332&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416308&bpp=3&bdt=474&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TqRneOw5Vs&p=https%3A//capitalone.banklocationmaps.com&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://capitalone.banklocationmaps.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://capitalone.banklocationmaps.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjw2tv_2fACFTHREQgdhKwA9Q&gqi=KD-nYI31Gdip3gOgnYq4BA&layout=/sadbundle/%24csp%253Der3%24/6728049052606267392/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 05:03:36 GMT
server: cafe
content-length: 19917
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 05:18:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 05:03:36 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2E6 76 KB
24 KB 739ms
738ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=600&slotname=7152280375&adk=3712256781&adf=4098850427&pi=t.ma~as.7152280375&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416311&bpp=3&bdt=476&idt=116&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x250&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mBYm1ZLXAk&p=https%3A//capitalone.banklocationmaps.com&dtd=124

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e38a8ffc71b02d24305b348fa18369f9bc01e4631c49a84bc5ef7565fbfdcba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0518266783580711&output=html&h=600&slotname=7152280375&adk=3712256781&adf=4098850427&pi=t.ma~as.7152280375&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416311&bpp=3&bdt=476&idt=116&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x250&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mBYm1ZLXAk&p=https%3A//capitalone.banklocationmaps.com&dtd=124
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://capitalone.banklocationmaps.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://capitalone.banklocationmaps.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 05:03:37 GMT
server: cafe
content-length: 24310
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 05:18:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 05:03:37 GMT
cache-control: private

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/44/14/ Frame B79A 233 KB
234 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/44/14/init_embed.js

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad37130fd6db9507347d0417694ace6210fd9f671b1821a0b4d9bdf1192f513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:11:34 GMT
server: sffe
age: 128673
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238786
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:03 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=capitalone.banklocationmaps.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
23ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=capitalone.banklocationmaps.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E92 6 KB
716 B 82ms
81ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&adk=1812271804&adf=3025194257&lmt=1621573416&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416314&bpp=2&bdt=479&idt=138&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x250%2C300x600&nras=1&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=155

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31ce36b08829eb1691bb97a3b22edd898d3e9f8b2636e2da7279ebf5fdb4e112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0518266783580711&output=html&adk=1812271804&adf=3025194257&lmt=1621573416&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416314&bpp=2&bdt=479&idt=138&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x250%2C300x600&nras=1&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://capitalone.banklocationmaps.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://capitalone.banklocationmaps.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 05:03:36 GMT
server: cafe
content-length: 693
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 05:18:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 05:03:36 GMT
cache-control: private

GET
H3-29 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame B79A 85 KB
31 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 63857
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31670
x-xss-protection: 0
expires: Fri, 20 May 2022 11:19:19 GMT

GET
H3-29 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame B79A 280 KB
86 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 17:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 40005
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87588
x-xss-protection: 0
expires: Fri, 20 May 2022 17:56:51 GMT

GET
H3-29 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame B79A 57 KB
57 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1375168a2cecd15446f9d96877bdd0bb44e0479e184ac1af1fcb0928d4a5f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:50:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 126792
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58602
x-xss-protection: 0
expires: Thu, 19 May 2022 17:50:24 GMT

GET
H3-29 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame B79A 4 KB
4 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257639b9b6bd949f6f767630e174e4d6fd9969b831512230efddb43977dd5542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 128658
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3671
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:18 GMT

GET
H3-29 200 google4.png
maps.gstatic.com/mapfiles/embed/images/ Frame B79A 2 KB
2 KB 42ms
14ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/embed/images/google4.png

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H3-29 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame B79A 16 KB
16 KB 29ms
25ms Image
image/png 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i31&2i263&2e1&3u2&4m2&1u390&2u250&5m5&1e0&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=85094

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

5676c44291b8ffb2bf4d184099bb815dfb6ba77aac864d04524496b4f556aa5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=19
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16341
x-xss-protection: 0
expires: Sat, 22 May 2021 05:03:36 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-0518266783580711&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210516_113652&sat=1621331696708&afm=0&as_count=3&d_count=0&ng_count=0&am_count=0&atf_count=3&mdns=0.568&alldns=0.568&allp=35&pgh=1654&su=capitalone.banklocationmaps.com&r=0.1

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame B79A 326 B
347 B 14ms
13ms Image
image/bmp 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H3-29 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame B79A 25 KB
25 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb0b3a23a0197976f98cd3f6b6fcc579b97b0842f3c6a46c8836a1bfdddefb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 128662
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25147
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:14 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame B79A 10 KB
10 KB 33ms
9ms Image
image/jpeg 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=903&hl=en-US&x=0&y=0&z=0

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

d8b6c47fe74bffa3c835fe26a7201a3e37fe3aba1b436f26bc6b573732ebe3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 15:53:15 GMT
x-content-type-options: nosniff
age: 47421
server-timing: gfet4t7; dur=0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10296
x-xss-protection: 0
last-modified: Fri, 01 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
expires: Fri, 21 May 2021 15:53:15 GMT

GET
H3-29 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame B79A 10 KB
3 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-72.55657685107658&2d-180&2m2&1d90&2d180&2u2&4sen-US&5e0&6sm%40557000000&7b0&8e0&11e289&12e2&callback=_xdc_._kgryf&client=google-maps-embed&token=62258

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

aac9465877f2270ac3df7ec29f78fab2890b31c1e733c8a7fc5e36e9971596f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=5
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame B79A 10 KB
2 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-24.455362341499015&2d176.58478243875743&2m2&1d90&2d-16.303574894332677&2u0&4sen-US&5e2&7b0&8e0&11e289&12e2&callback=_xdc_._tdhgqo&client=google-maps-embed&token=54665

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

8a3296f2b80de78b6849f3259764384970917f97dde3ffc965c508f940a86b0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=5
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame B79A 6 KB
6 KB 10ms
7ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i2!2i1!3i2!4i256!2m3!1e0!2sm!3i557281276!3m12!2sen-US!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=83910

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

273b51dc3abe213653cc160083fc545657ff4438a277a74153fba3d91266b25a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:22:27 GMT
x-content-type-options: nosniff
age: 2469
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5931
x-xss-protection: 0
x-server-version-bin: CggIBBDgpZGFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Wed, 02 Feb 2022 09:12:49 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame B79A 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i2!2i0!3i2!4i256!2m3!1e0!2sm!3i557281276!3m12!2sen-US!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=102196

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

b2497024a412a6c5b9226c27cfa2145482df260110f1d0de80161ed32a57684c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:22:27 GMT
x-content-type-options: nosniff
age: 2469
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
x-server-version-bin: CggIBBDgpZGFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Wed, 02 Feb 2022 09:12:49 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame B79A 10 KB
10 KB 10ms
9ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i2!2i0!3i1!4i256!2m3!1e0!2sm!3i557281276!3m12!2sen-US!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=51929

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

45f94fdda0fd031d4f1bf38e39a400f55c237d4b80a241e283309c15d64d677b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:22:27 GMT
x-content-type-options: nosniff
age: 2469
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10659
x-xss-protection: 0
x-server-version-bin: CggIBBDgpZGFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Wed, 02 Feb 2022 09:12:49 GMT

GET
H3-29 200 vt
www.google.com/maps/ Frame B79A 9 KB
9 KB 11ms
10ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i2!2i1!3i1!4i256!2m3!1e0!2sm!3i557281276!3m12!2sen-US!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=33643

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

0c6cadd440333bfef38d7d9d12e6bceb08ce825f1befb6f67e63f8a8b8bd7bd6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:22:27 GMT
x-content-type-options: nosniff
age: 2469
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9573
x-xss-protection: 0
x-server-version-bin: CggIBBDgpZGFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Wed, 02 Feb 2022 09:12:49 GMT

GET
H3-29 200 vt Show response
www.google.com/maps/ Frame B79A 197 B
108 B 16ms
15ms XHR
application/json 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/vt?pb=!1m4!1m3!1i2!2i0!3i1!1m4!1m3!1i2!2i1!3i1!1m4!1m3!1i2!2i0!3i2!1m4!1m3!1i2!2i1!3i2!2m3!1e0!2sm!3i557281276!3m12!2sen-US!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1&client=google-maps-embed&token=86878

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

d7bf555d2a5d3cbc5be0e9d6f383802dfbb4002282971c562f477e78be7de105

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed/v1/view?key=AIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k&center=39.7837304,-100.4458825&maptype=roadmap&zoom=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
server-timing: gfet4t7; dur=9
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
x-server-version-bin: CggIBBDgpZGFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private, max-age=22222222
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H2 200 18348686881698416794
tpc.googlesyndication.com/simgad/ Frame DBDC 72 KB
72 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18348686881698416794?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkBBet0YPNp9LQ_dX149edH24mq3A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=90&slotname=5074757856&adk=3807483278&adf=4258829193&pi=t.ma~as.5074757856&w=970&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=2&psa=0&format=970x90&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416300&bpp=8&bdt=466&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5795101123941&frm=20&pv=2&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mO1tNZYO6h&p=https%3A//capitalone.banklocationmaps.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d6af4a7895c655e338c8b770d1d1e3f45d909dbeccf9082b7644318f7c0072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 08:43:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 18:50:46 GMT
server: sffe
age: 73211
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73592
x-xss-protection: 0
expires: Fri, 20 May 2022 08:43:25 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame DBDC 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:55:14 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame DBDC 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:51:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBDC 118 KB
36 KB 31ms
29ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame DBDC 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:58:12 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame DBDC 25 KB
10 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 19:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 19:38:57 GMT

GET
H2 200 bg_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame DBDC 6 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/bg_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fab84491c4daf42d7737c11bf944a0f0c17f8ac062a6f79621a2c96158ba07dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 05:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2654
x-xss-protection: 0
server: cafe
etag: 9684562709346776962
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 05:35:15 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DBDC 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQvH9KD-nYMavGemnx_APmN6suA2ospnfYsKX-8aKDr3p-4uoHRABIJ6fwAxglQKgAePPmb8DyAECqAMByAPJBKoE1QFP0CXS8P9KP9kkJ2yX9BSIeg0kzlu3Hph3IY2MApqFu-0B2R_dktzjarLpckZ9SAldsMg8Q_eU5Df8YxBMAnK27IkVn23wdxk-lgv0dkYI_jQxftJRHUSxXQe7IKSOvmZ3TjE2vVDLKeGyLtX6P7FIFRB7ahZmtQHJqSfj11DBNlV0_YfhQabrqFx5VPlQtjl1414MTajPgX-6vZsgmOgg4MDtoofCQfCuZMmuPER859_epSG-7p6c-udvUFcP9mKYvdhtrayN4yxORQMHIsUlmoJJb5XABKq8gKHFA5IFBAgEGAGSBQQIBRgEoAYCgAfd9pMwqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOjUHtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0wNTE4MjY2NzgzNTgwNzEx&sigh=KyNqnD9-95M

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=90&slotname=5074757856&adk=3807483278&adf=4258829193&pi=t.ma~as.5074757856&w=970&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=2&psa=0&format=970x90&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416300&bpp=8&bdt=466&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5795101123941&frm=20&pv=2&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mO1tNZYO6h&p=https%3A//capitalone.banklocationmaps.com&dtd=96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 05:03:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 60A8 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=90&slotname=5074757856&adk=3807483278&adf=4258829193&pi=t.ma~as.5074757856&w=970&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=2&psa=0&format=970x90&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416300&bpp=8&bdt=466&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5795101123941&frm=20&pv=2&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mO1tNZYO6h&p=https%3A//capitalone.banklocationmaps.com&dtd=96
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=90&slotname=5074757856&adk=3807483278&adf=4258829193&pi=t.ma~as.5074757856&w=970&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=2&psa=0&format=970x90&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416300&bpp=8&bdt=466&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5795101123941&frm=20&pv=2&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mO1tNZYO6h&p=https%3A//capitalone.banklocationmaps.com&dtd=96

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 21 May 2021 04:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 386
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 48FE 247 B
786 B 114ms
30ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23eb58e24b56a7675fdb59ad3a9a24ff76a217efb9f399f7c0d6b36e595adae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-pVpSMKXdvyNB1wBPsnnoYg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 201
date: Fri, 21 May 2021 05:03:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 26BF 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=250&slotname=7234017332&adk=2300315155&adf=1932483714&pi=t.ma~as.7234017332&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416308&bpp=3&bdt=474&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TqRneOw5Vs&p=https%3A//capitalone.banklocationmaps.com&dtd=109

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:51:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26BF 118 KB
36 KB 30ms
29ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 26BF 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:58:12 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/ Frame B4CC 382 KB
36 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdace3aa03635e791c21844401f4d3489c64052d8b126b2c1bf569d225bd298

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6728049052606267392/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 17 May 2021 22:46:47 GMT
expires: Tue, 17 May 2022 22:46:47 GMT
last-modified: Mon, 17 May 2021 08:49:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 36952
age: 281809
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 26BF 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY_AFKD-nYIi8GrGix_APhNmCqA_O-oDnYomi0fKEDvKe3KDUARABIJ6fwAxglQKgAdTQ0JcDyAEJqQLlq2Rjf4S0PqgDAcgDAqoE2QFP0C2ZPRCAeCgNW2rYm0v4OeecYK1mijyHfGA-fpa6V-4DPgLrn_m_eD_PJ5pX8GRQZ_xJexeAnSZq1BhvHBtB6pPRj_yzmu_atkbI0372FbkG06OTTIj3DUd-2gEVpAIDK0OI4L-43d_4Gx_X4qhVrqayO_SPFbUn7lHrU_8bBBfKbxdjfH9JznXMWdnbGwa4s6sxqDzNtLEfSmC3Fyr4nftnUbCgZQnNx_v30I3xqIy65rLt_DD6oZ1G62JhNWDjMlG6NvwXQecYDJe7Vcmx1saI4pT4wjCgwATY__Sj4QOSBQQIBBgBkgUECAUYBKAGXYAHy__cbKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCy7STSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMDUxODI2Njc4MzU4MDcxMQ&sigh=uTa4Jld1xaY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=250&slotname=7234017332&adk=2300315155&adf=1932483714&pi=t.ma~as.7234017332&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416308&bpp=3&bdt=474&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TqRneOw5Vs&p=https%3A//capitalone.banklocationmaps.com&dtd=109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 05:03:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:36 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EAC 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=250&slotname=7234017332&adk=2300315155&adf=1932483714&pi=t.ma~as.7234017332&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416308&bpp=3&bdt=474&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TqRneOw5Vs&p=https%3A//capitalone.banklocationmaps.com&dtd=109
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn5NywHhnbTce0kt7DdC35D_fwIgNox5E0pywHIgYcptVpJoa1g2O0sBuJ-NF4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=250&slotname=7234017332&adk=2300315155&adf=1932483714&pi=t.ma~as.7234017332&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416308&bpp=3&bdt=474&idt=103&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TqRneOw5Vs&p=https%3A//capitalone.banklocationmaps.com&dtd=109

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 21 May 2021 04:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 386
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 60A8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn5NywHhnbTce0kt7DdC35D_fwIgNox5E0pywHIgYcptVpJoa1g2O0sBuJ-NF4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 05:03:36 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 21-May-2021 06:03:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 05:03:36 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 05:03:36 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DBDC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e22ca94a7bcc202bda93d13c3b3b6e4a325a673113d491e39b90b201587966a3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 26BF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5ef763df1870fc4aaf9ae95e4cb2a8f3db625e639baf7a3afe22928abfca4d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame B79A 90 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f62597761d6440800c5e7dd82856c8df95fed32a87eeda64343630f40f2020da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 127071
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27690
x-xss-protection: 0
expires: Thu, 19 May 2022 17:45:46 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame B79A 62 B
83 B 16ms
16ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fview%3Fkey%3DAIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k%26center%3D39.7837304%2C-100.4458825%26maptype%3Droadmap%26zoom%3D2&2sgoogle-maps-embed&callback=_xdc_._b8mqxn&client=google-maps-embed&token=20082

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

db99261f713d685a7f9ffeeefda61f069aa55c98fba9e5f21590c4f7f3412679

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:37 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 iframe.html Show response
p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 48FE 4 KB
2 KB 62ms
30ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bfb5e33c5a9b7a2b36acb9fd5f89665670215ac4e9dd4adf285f28ea84654f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-OXaWFjc7KHls3zxsgUgiug' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1861
date: Fri, 21 May 2021 05:03:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame B4CC 2 KB
566 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 May 2021 03:24:10 GMT
server: ESF
date: Fri, 21 May 2021 05:03:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 May 2021 05:03:37 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EAC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkmiC4TSmI2n6aVkIhnQ4c0ZbnTEhXN_lhD4MoBgyjfpSgsQqdV9teMj9ChSPA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 05:03:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 21-May-2021 06:03:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 05:03:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 05:03:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame B79A 62 B
83 B 19ms
19ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fview%3Fkey%3DAIzaSyAeea8BYDRk3Jqp-GrJX6GF8doE4jb1D6k%26center%3D39.7837304%2C-100.4458825%26maptype%3Droadmap%26zoom%3D2&2sgoogle-maps-embed&7sxuy0em&10e1&callback=_xdc_._9dt195&client=google-maps-embed&token=9680

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4d1fac1ee8d12a076d8f6d5fd2564add5e55615f50bab01aefee573e09449849

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:37 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B4CC 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 21 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B4CC 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 21 May 2021 23:11:01 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame B79A 14 KB
1014 B 20ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e9b05e5c8c113f2f1455100df8c7672b9da25c21ab5cdafe2ed64867e54ad10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 May 2021 03:20:55 GMT
server: ESF
date: Fri, 21 May 2021 05:03:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 May 2021 05:03:37 GMT

GET
DATA 200
OK truncated
/ Frame B79A 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745cd249aa9496dd24c88ae597827d4e82ea76e53eeb890fb85ce2a56a4863d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B79A 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 287297
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 17 May 2022 21:15:20 GMT

GET
DATA 200
OK truncated
/ Frame B79A 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B79A 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame B4CC 18 KB
18 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 23:54:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:31:27 GMT
server: sffe
age: 104932
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18116
x-xss-protection: 0
expires: Thu, 19 May 2022 23:54:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E2E6 3 KB
674 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=600&slotname=7152280375&adk=3712256781&adf=4098850427&pi=t.ma~as.7152280375&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416311&bpp=3&bdt=476&idt=116&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x250&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mBYm1ZLXAk&p=https%3A//capitalone.banklocationmaps.com&dtd=124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 May 2021 03:15:53 GMT
server: ESF
date: Fri, 21 May 2021 05:03:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 May 2021 05:03:37 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame E2E6 1 KB
990 B 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:54:05 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame E2E6 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:55:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame E2E6 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:51:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2E6 118 KB
36 KB 35ms
34ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:37 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame E2E6 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 04:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 04:58:12 GMT

GET
H2 200 6bd41964be010df5460da51c4a6824b5.js Show response
www.gstatic.com/mysidia/ Frame E2E6 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6bd41964be010df5460da51c4a6824b5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 10:04:25 GMT
server: sffe
age: 148312
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10390
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:51:45 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3433413838377907917/ Frame E2E6 11 KB
11 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3433413838377907917/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03108f0ccf2449d32484d9001d644e6c945b1a280415cc634f0f27a94200bcc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 12:19:44 GMT
x-content-type-options: nosniff
age: 319433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11094
x-xss-protection: 0
last-modified: Thu, 13 May 2021 10:53:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 12:19:44 GMT

GET
DATA 200
OK truncated
/ Frame E2E6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e777246dd66a42738bc03b16482519a31a7f4d3d432a5be7369c0692dfae5e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame E2E6 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmRvAKD-nYPmwH7KXx_APwaeFkArUgovgYvLc1ozzDb-Q55aPDhABIJ6fwAxglQKgAdOx-cgDyAEJqQLVupIYdoW0PqgDAcgDywSqBNQBT9ClCDytyz5TIsGvBFfS16ahKRJOAfEVXEW4k1QuQmx8_gWtXOFkco7dX-vkzoaPzHqeFC8t6ky4_V-MCsUDjsUfOJkIX1yrI9jLSs9T2ZWdV6tFiM1iJPdWCSb-IkaZUfHGOdv-HReOHOPmkeivEeX-MEt4R2ciRFUdDBdhu_lS03j6T8yMbCCs5epAKE_fNOFDocjBnrA-aJWMqtbzirJR_xmQ_jdKBIiVIHCz3r4RgW_eNN-nA_2QE6wU1xhKtnF0F_MD5JdaaGtkJeo1dz-pH_HABKS6sZ7nA5IFBAgEGAGSBQQIBRgEoAYugAfWk-U4qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJ-7HtIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwKIFAHQFQGAFwGyFxoKGAgAEhRwdWItMDUxODI2Njc4MzU4MDcxMQ&sigh=PoeFwsdRZT8&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=600&slotname=7152280375&adk=3712256781&adf=4098850427&pi=t.ma~as.7152280375&w=300&fwrn=4&fwrnh=100&lmt=1621573416&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fcapitalone.banklocationmaps.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621573416311&bpp=3&bdt=476&idt=116&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x250&correlator=5795101123941&frm=20&pv=1&ga_vid=1772028238.1621573416&ga_sid=1621573416&ga_hid=1847109765&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1507905802936283&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mBYm1ZLXAk&p=https%3A//capitalone.banklocationmaps.com&dtd=124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 05:03:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:37 GMT

GET
H3-29 200 Grover_Logo_SoftBlack_RGB-01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/ Frame B4CC 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/Grover_Logo_SoftBlack_RGB-01.svg

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3d8208c8a181b69cc3b615b8c001b3188cc10d9f070a395bc83dd10217f823

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 281806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
last-modified: Mon, 17 May 2021 08:49:07 GMT
server: sffe
date: Mon, 17 May 2021 22:46:51 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 22:46:51 GMT

GET
H3-29 200 tablet.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/ Frame B4CC 38 KB
38 KB 12ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/tablet.png

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

942839dc69dbd4e7b75a39a82b262cbba735aad8dcd1b4585162631fd75f4990

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 281806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39213
x-xss-protection: 0
last-modified: Mon, 17 May 2021 08:49:07 GMT
server: sffe
date: Mon, 17 May 2021 22:46:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 22:46:51 GMT

GET
H3-29 200 laptop.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/ Frame B4CC 29 KB
29 KB 11ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/laptop.png

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

171d2a26b5b8006530360f8830ac6186bcf456c936e79b6c4c5c021d9e06c611

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 281806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29376
x-xss-protection: 0
last-modified: Mon, 17 May 2021 08:49:07 GMT
server: sffe
date: Mon, 17 May 2021 22:46:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 22:46:51 GMT

GET
H3-29 200 watch.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/ Frame B4CC 29 KB
29 KB 13ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6728049052606267392/watch.png

Requested by

Host: capitalone.banklocationmaps.com
URL: https://capitalone.banklocationmaps.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38841524bf0cf41634b6b10c7cf8d90db5f0ddb7ef47bcb1e1755e0399df2a49

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 281806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29788
x-xss-protection: 0
last-modified: Mon, 17 May 2021 08:49:07 GMT
server: sffe
date: Mon, 17 May 2021 22:46:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 22:46:51 GMT

GET
H2 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0940 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/bg_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 16:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 46899
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 16:01:58 GMT

GET
DATA 200
OK truncated
/ Frame E2E6 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e9c54669119e01e8b9e606e765b42cc7c93cbfe4968a0ddee5439382b876c2b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E2E6 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 413999
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E2E6 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 10:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 586210
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 14 May 2022 10:13:27 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fda126495cc0160ec8c02e9fcfd7f6053d5533a2fd52e87777c1f184ad2e6a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 05:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7679
x-xss-protection: 0

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame C87F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 16:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 46899
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 16:01:58 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 05:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 21 May 2021 05:03:37 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D490 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://capitalone.banklocationmaps.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://capitalone.banklocationmaps.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 20 May 2021 20:58:08 GMT
expires: Fri, 20 May 2022 20:58:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 29129
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame D490 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 16:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 46899
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 16:01:58 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=1507905802936283&bg=!iYqlis7NAAZ7hX_Ue4U7ACkAdvg8WmD5O-_OgZ-PgBhOxb3U1GrX432JchbcReGi5Pnc_Q7wHQwKBwIAAACGUgAAABFoAQcKANEQrkDetOTQYa4dCK2x14lX1AH32zAZ_kYmNyUPcbnDxO_JZHVPNmG-reCXSaO1jqqqNdPeBTW2vTMgfvuDdwZoi2EwtEXEdFspXIaBIuAQAK_xfLZZ_n9X6el5ljo3pS6kYfKC_UY5HBryRX7pIEntfq76VG-tTL-E3H-OfoavzQ8EFVpIqgp1O529LlWpbu04lYEAbIgM-J8lxgnp3prT9YHdx-w_biaP3h0zuZtBUxN_U1zf4IGCxwGGsmKu_fuz6efqyKQoawcgVkEGUyeRpJkCSVnoGNa9AmQgT5TjiVMQ-oACSBHr0xGz1KNwxzHxAWVjvikRnLLHV1_ny_plpGz9XI_vaWib14QKawZVfYcJneg3OaJDJG1QBP3Do4FwMZOV5LVJfmRhaBWe1Dih2WtEbs6mcgDfad2J_xWqs0rO__Sh1lvrjHDXFYBArmxU_LajvoDmGDEvgModi1rkRKnNdQQGIv15W5Flqm5CiVldPnh2lgXz9vHleq2ub8HG1gj76Ajbe-46ta8dA5kOU-6TIxoUJmeoKfg0rsEhW6tJIH0SuQQogXAUuKezmn7Bd1D3FsCMD0lPBfC80WP6gBpsUYqo5jsJ0OV6Sq_YmklMRt-duFeIkc1SuDA5SbE7X89EuZ-t2WuJURIsopAlkCyWKZkNfCp12k_LUixgtqVl8JwpJ_riQG6XOxM66-1oGOEqMcZNVNluG2dt4Wb7dAb65e-rP-mbVDj_ZT0ohonmMl26FnaPmUqqlG5dcIWsDKo3DgThF9v73wE6Q-yB4BbJiTux_fdD0QpgTIzXXyYvY9x5LeSV2syfhX5ykXPnqwIQJea-hnkB07eQZZJLlA3Sc3fs20FVg6G19_nRHmDreqwvgSPG9Sas-cpqnq3qn69XUr2x-L-52afUZdYVCVVWvEGm_pOkP_HVOtvrTyBVzg2QXmRgqx1ftyUw8ztgj5vwSq95B1fr2q12YySeE7jPAoHIHpJR9gFdH4559-YPsigGPNcsYAoy0--7QZ7F0AM615zs6aIMGySgQobJM5ZruJ4quFIe6flaSA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://capitalone.banklocationmaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBDC 42 B
64 B 43ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5WCr6VLCuLCfBe-XC9xJm5N47DD_ogp74NyBs9RrPYvvgavUNBxusVCQnWehEhKnYa_UvL5uQ3Ykogwcjg6n6M_5s7VL5s0LYKRlWnLoFkMz7BYqyuPdi-NHkiQ&sai=AMfl-YQdsO3SxP3ju_QXeBv227iYGtoMVVqUSi80lCRSh-2tR4ZNuP5NvNdNRpOLIAT_SZXcRroELO1piNR-&sig=Cg0ArKJSzKLTwCVLssTnEAE&id=lidar2&mcvt=1000&p=53,315,143,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3807483278&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621573416402&dlt=441&rpt=118&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26BF 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQDAvuIVWPX9PQxEorEA0FeoYYtd-HJW6P8tN2YykeR9xjB7xYNLtOS1McZ_X3KxO-HgGiMuxDmR6SvE9M57eZyQBasWx0qOtsIQV5jaPBx9UJj49FYVFgpYCVrw&sai=AMfl-YR8ygRSnEAZN-cFvlvaii2mE2YYRc8N5JdkzZC3OIs_B9j_b9M_IOt4edxt9kAlqpcZaILXKYvxHx6k&sig=Cg0ArKJSzMXH2GPwObkeEAE&id=lidar2&mcvt=1003&p=665,230,915,530&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2300315155&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621573416422&dlt=451&rpt=83&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2E6 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj2QvpHoedr7258x-fBjMb3ieOr1q9B3zTkv6WQaMhnsGv_SVn2SPmigiYkSxq_TSsXFp9geLnzvHm4_2Ptvg52w3_Zqn7gjyRiUOmogeAEjO8ZxOd8yq5tqRDDg&sai=AMfl-YRyi9B5wfaEI0hyW7uHKcwqEvldLLkU4E9FXZmyHyaPV34pfpP4Cibd9lYkh7c_8WMAQ3gDE-I6ajXN&sig=Cg0ArKJSzDxfj87zod50EAE&id=lidar2&mcvt=1004&p=590,1130,1190,1430&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3712256781&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621573416438&dlt=802&rpt=75&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
dzc-v6exp3-ds.metric.ipv6test.com/v6exp3/ Frame 48FE 35 B
410 B 41ms
13ms Image
image/gif 2a00:1450:4001:812::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dzc-v6exp3-ds.metric.ipv6test.com/v6exp3/6.gif?ipv6exp=dzc&p=p4&rnd=dq535wf352kfm&hmac=jezchuk6ocdn3qrw&nonce=160966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
dzc-v6exp3-ds.metric.ipv6test.net/v6exp3/ Frame 48FE 35 B
410 B 128ms
51ms Image
image/gif 2a00:1450:400d:803::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dzc-v6exp3-ds.metric.ipv6test.net/v6exp3/6.gif?ipv6exp=dzc&p=p4&rnd=dq535wf352kfm&hmac=jezchuk6ocdn3qrw&nonce=160966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2012 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 05:03:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dj135koobai3n.cloudfront.net
URL: https://dj135koobai3n.cloudfront.net/assets/bankmaps-icons-60f206fde945d87bc301aabb67e9c539c6318b5d3151e788dfe71b944139b01c.woff2

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 18:26:14	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
capitalone.banklocationmaps.com
dj135koobai3n.cloudfront.net
dzc-v6exp3-ds.metric.ipv6test.com
dzc-v6exp3-ds.metric.ipv6test.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
khms0.googleapis.com
maps.googleapis.com
maps.gstatic.com
p4-dq535wf352kfm-jezchuk6ocdn3qrw-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
dj135koobai3n.cloudfront.net
142.250.181.227
142.250.185.162
172.217.23.98
2600:9000:206f:b400:7:9a11:48c0:21
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2012
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c04::9b
2a00:1450:400d:803::2012
52.203.96.188
00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b
03108f0ccf2449d32484d9001d644e6c945b1a280415cc634f0f27a94200bcc1
05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
0c6cadd440333bfef38d7d9d12e6bceb08ce825f1befb6f67e63f8a8b8bd7bd6
14e6a8aa47524090488341ff837d39891c6960c11f5cb3d47df762aa7bce7a89
171d2a26b5b8006530360f8830ac6186bcf456c936e79b6c4c5c021d9e06c611
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e9c54669119e01e8b9e606e765b42cc7c93cbfe4968a0ddee5439382b876c2b
2013ea9dd7fd75d4f5685e433fbd4a40074c4037dd263f6e1028784f8aa04db6
257639b9b6bd949f6f767630e174e4d6fd9969b831512230efddb43977dd5542
25efcaff321dc89e5a4d8afb8e2b4d89f498b78b42ebde050599e33e31adf867
273b51dc3abe213653cc160083fc545657ff4438a277a74153fba3d91266b25a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a
31ce36b08829eb1691bb97a3b22edd898d3e9f8b2636e2da7279ebf5fdb4e112
38841524bf0cf41634b6b10c7cf8d90db5f0ddb7ef47bcb1e1755e0399df2a49
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3ad37130fd6db9507347d0417694ace6210fd9f671b1821a0b4d9bdf1192f513
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
3c578fddd74eecf585bb7d945bc2750080edcac1640c96e91869a84afe94f221
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7
45f94fdda0fd031d4f1bf38e39a400f55c237d4b80a241e283309c15d64d677b
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a3d8208c8a181b69cc3b615b8c001b3188cc10d9f070a395bc83dd10217f823
4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
4d1fac1ee8d12a076d8f6d5fd2564add5e55615f50bab01aefee573e09449849
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5676c44291b8ffb2bf4d184099bb815dfb6ba77aac864d04524496b4f556aa5b
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5bfb5e33c5a9b7a2b36acb9fd5f89665670215ac4e9dd4adf285f28ea84654f6
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e
6e777246dd66a42738bc03b16482519a31a7f4d3d432a5be7369c0692dfae5e7
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
745cd249aa9496dd24c88ae597827d4e82ea76e53eeb890fb85ce2a56a4863d8
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1
8a3296f2b80de78b6849f3259764384970917f97dde3ffc965c508f940a86b0a
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
942839dc69dbd4e7b75a39a82b262cbba735aad8dcd1b4585162631fd75f4990
95a77ffd7973e214f9a912d7fa7d190a37b25c3983f67b364f583f55cef06d33
9e373306df049dc75efb9c4e7177b03270fbd60ec68ba9c22455bee13f29c240
9e9b05e5c8c113f2f1455100df8c7672b9da25c21ab5cdafe2ed64867e54ad10
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aac9465877f2270ac3df7ec29f78fab2890b31c1e733c8a7fc5e36e9971596f3
acdace3aa03635e791c21844401f4d3489c64052d8b126b2c1bf569d225bd298
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2497024a412a6c5b9226c27cfa2145482df260110f1d0de80161ed32a57684c
b8f8d1979db2712d63546217621c57437ec5b437891ab4efd8feac5183ef7d0e
bc7199d4e06c2f8cc7ff6fe395cdb93255a71a789a36b103eb16f1c4f3de225b
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a
ce8c56c639b661da7a9cae220241099dbdf4cc4a859fbdce4c907f54a8cd58be
d3a669586da991aae07041e09e6d6c622dc268f5b392e927568eab1f1e3b3fdd
d7bf555d2a5d3cbc5be0e9d6f383802dfbb4002282971c562f477e78be7de105
d8b6c47fe74bffa3c835fe26a7201a3e37fe3aba1b436f26bc6b573732ebe3a7
db99261f713d685a7f9ffeeefda61f069aa55c98fba9e5f21590c4f7f3412679
dbbf9f9ba589a91f29a59a64ebf77dcdbb61e13f830c02c18b8899aef166adea
e09f7a05836f0aa4adddbbd9cb21f080395ae0ca38ae2dbed54d1babbc982373
e1375168a2cecd15446f9d96877bdd0bb44e0479e184ac1af1fcb0928d4a5f14
e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43
e22ca94a7bcc202bda93d13c3b3b6e4a325a673113d491e39b90b201587966a3
e23a98da0978cd56f083ead1c27426f8e190e0cf3d07a1a1dc20961093ad840e
e23eb58e24b56a7675fdb59ad3a9a24ff76a217efb9f399f7c0d6b36e595adae
e38a8ffc71b02d24305b348fa18369f9bc01e4631c49a84bc5ef7565fbfdcba1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ef763df1870fc4aaf9ae95e4cb2a8f3db625e639baf7a3afe22928abfca4d5
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5
ebb0b3a23a0197976f98cd3f6b6fcc579b97b0842f3c6a46c8836a1bfdddefb9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4d6af4a7895c655e338c8b770d1d1e3f45d909dbeccf9082b7644318f7c0072
f62597761d6440800c5e7dd82856c8df95fed32a87eeda64343630f40f2020da
fab84491c4daf42d7737c11bf944a0f0c17f8ac062a6f79621a2c96158ba07dd
fda126495cc0160ec8c02e9fcfd7f6053d5533a2fd52e87777c1f184ad2e6a84

capitalone.banklocationmaps.com Open in urlscan Pro 52.203.96.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

99 %HTTPS

81 %IPv6

13 Domains

22 Subdomains

22 IPs

4 Countries

1631 kBTransfer

3520 kBSize

1 Cookies

65 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

capitalone.banklocationmaps.com Open in urlscan Pro
52.203.96.188 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

99 %
HTTPS

81 %
IPv6

13
Domains

22
Subdomains

22
IPs

4
Countries

1631 kB
Transfer

3520 kB
Size

1
Cookies

103 HTTP transactions
15 data transactions