farmersbankgroup.com Open in urlscan Pro
192.124.249.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://farmersbankgroup.com/
Effective URL:
https://farmersbankgroup.com/
Submission: On June 16 via manual (June 16th 2021, 5:48:39 pm UTC) from US

Summary HTTP 107 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 44 domains to perform 107 HTTP transactions. The main IP is 192.124.249.117, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is farmersbankgroup.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 18th 2021. Valid for: a year.

This is the only time farmersbankgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	192.124.249.117 192.124.249.117	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	143.204.98.21 143.204.98.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	107.162.136.239 107.162.136.239	55002 (DEFENSE-NET) (DEFENSE-NET)
1	2600:9000:20e... 2600:9000:20eb:5200:7:e536:8b00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	3.215.91.73 3.215.91.73	14618 (AMAZON-AES) (AMAZON-AES)
3	18.144.113.157 18.144.113.157	16509 (AMAZON-02) (AMAZON-02)
1 4	99.80.189.193 99.80.189.193	16509 (AMAZON-02) (AMAZON-02)
1	99.86.243.202 99.86.243.202	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:4a00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 7	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
5 5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.209.141.237 52.209.141.237	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 5	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2600:1f18:612... 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.176.232.241 35.176.232.241	16509 (AMAZON-02) (AMAZON-02)
1	99.80.93.68 99.80.93.68	16509 (AMAZON-02) (AMAZON-02)
1 2	54.93.69.146 54.93.69.146	16509 (AMAZON-02) (AMAZON-02)
1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.58.46.39 52.58.46.39	16509 (AMAZON-02) (AMAZON-02)
1 1	65.9.82.39 65.9.82.39	16509 (AMAZON-02) (AMAZON-02)
1	52.73.56.169 52.73.56.169	14618 (AMAZON-AES) (AMAZON-AES)
17 23	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	18.194.175.178 18.194.175.178	16509 (AMAZON-02) (AMAZON-02)
1	65.9.82.48 65.9.82.48	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	3.223.82.72 3.223.82.72	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
107	41

33 192.124.249.117 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10117.sucuri.net

farmersbankgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-21.fra50.r.cloudfront.net

cdn.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.162.136.239 (United States)

ASN55002 (DEFENSE-NET, US)

web6.secureinternetbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5200:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.215.91.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-91-73.compute-1.amazonaws.com

connect.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maprtb.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.144.113.157 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-113-157.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.80.189.193 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-189-193.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-202.vie50.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:4a00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20813985p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.141.237 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-141-237.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.232.241 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-232-241.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.93.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-93-68.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.69.146 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-69-146.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.46.39 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.82.39 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.56.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-56-169.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 159.253.128.183 (Amsterdam, Netherlands) 17 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.175.178 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.82.48 (United States)

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.82.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-82-72.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	farmersbankgroup.com 1 redirects farmersbankgroup.com	4 MB
25	simpli.fi 17 redirects um.simpli.fi tag.simpli.fi i.simpli.fi	15 KB
10	doubleclick.net 10 redirects ad.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	2 KB
10	segmint.net cdn.segmint.net connect.segmint.net maprtb.segmint.net	131 KB
7	rfihub.com 2 redirects 20813985p.rfihub.com a.rfihub.com p.rfihub.com	10 KB
5	rlcdn.com 1 redirects idsync.rlcdn.com	1 KB
5	gstatic.com fonts.gstatic.com	99 KB
4	spotxchange.com 2 redirects sync.search.spotxchange.com	2 KB
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	adsrvr.org 1 redirects insight.adsrvr.org	928 B
4	brandcdn.com tag.brandcdn.com adservices.brandcdn.com	5 KB
3	agkn.com 2 redirects aa.agkn.com d.agkn.com	1 KB
3	google.de adservice.google.de www.google.de	477 B
3	google.com 3 redirects adservice.google.com www.google.com	856 B
2	openx.net 1 redirects us-u.openx.net	482 B
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	977 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	pro-market.net 2 redirects fei.pro-market.net	858 B
2	tapad.com 1 redirects pixel.tapad.com	911 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	607 B
2	bidswitch.net 1 redirects x.bidswitch.net	861 B
2	tremorhub.com partners.tremorhub.com simplifi.partners.tremorhub.com	365 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	rubiconproject.com pixel.rubiconproject.com	478 B
2	bluekai.com 1 redirects stags.bluekai.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googleadservices.com 1 redirects www.googleadservices.com	308 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	784 B
1	serving-sys.com 1 redirects bs.serving-sys.com	579 B
1	media.net contextual.media.net	697 B
1	eyeota.net ps.eyeota.net	344 B
1	krxd.net beacon.krxd.net	338 B
1	addthis.com x.dlx.addthis.com	191 B
1	yahoo.com ads.yahoo.com	446 B
1	rfihub.net c1.rfihub.net	6 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	630 B
1	secureinternetbank.com web6.secureinternetbank.com	59 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	googleapis.com fonts.googleapis.com	963 B
107	44

	Domain	Requested by
33	farmersbankgroup.com	1 redirects farmersbankgroup.com
23	um.simpli.fi	17 redirects
5	idsync.rlcdn.com	1 redirects farmersbankgroup.com
5	p.rfihub.com	2 redirects
5	cm.g.doubleclick.net	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
5	cdn.segmint.net	farmersbankgroup.com cdn.segmint.net connect.segmint.net
4	sync.search.spotxchange.com	2 redirects
4	ib.adnxs.com	2 redirects
4	insight.adsrvr.org	1 redirects farmersbankgroup.com d1eoo1tco6rr5e.cloudfront.net
4	connect.segmint.net	farmersbankgroup.com cdn.segmint.net
4	ad.doubleclick.net	4 redirects
3	adservices.brandcdn.com	farmersbankgroup.com adservices.brandcdn.com
2	us-u.openx.net	1 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	aa.agkn.com	1 redirects farmersbankgroup.com
2	dsum-sec.casalemedia.com	1 redirects
2	dpm.demdex.net	1 redirects
2	pixel.rubiconproject.com	farmersbankgroup.com
2	stags.bluekai.com	1 redirects
2	adservice.google.de	farmersbankgroup.com
2	adservice.google.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	sync.bfmio.com
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	i.simpli.fi	tag.simpli.fi
1	tag.simpli.fi	connect.segmint.net
1	maprtb.segmint.net	connect.segmint.net
1	bpi.rtactivate.com	farmersbankgroup.com
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	contextual.media.net	farmersbankgroup.com
1	ps.eyeota.net
1	beacon.krxd.net	farmersbankgroup.com
1	partners.tremorhub.com	farmersbankgroup.com
1	x.dlx.addthis.com	farmersbankgroup.com
1	ads.yahoo.com	farmersbankgroup.com
1	a.rfihub.com
1	20813985p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	farmersbankgroup.com
1	d1eoo1tco6rr5e.cloudfront.net	tag.brandcdn.com
1	tag.brandcdn.com	farmersbankgroup.com
1	web6.secureinternetbank.com	farmersbankgroup.com
1	www.googletagmanager.com	farmersbankgroup.com
1	fonts.googleapis.com	farmersbankgroup.com
107	57

This site contains links to these domains. Also see Links.

Domain
web6.secureinternetbank.com
www.farmersbankgroup.com
paybill.com
www.facebook.com
twitter.com
www.youtube.com
www.brownbootsbankwebsites.com
get.adobe.com

Subject Issuer	Validity	Valid
farmersbankgroup.com Go Daddy Secure Certificate Authority - G2	`2021-02-18` - `2022-03-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.segmint.net Go Daddy Secure Certificate Authority - G2	`2019-11-05` - `2022-01-04`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
web6.secureinternetbank.com DigiCert SHA2 Extended Validation Server CA	`2020-01-06` - `2022-02-21`	2 years	crt.sh
*.brandcdn.com RapidSSL RSA CA 2018	`2019-06-10` - `2021-07-01`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-27` - `2021-07-14`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.eyeota.net R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://farmersbankgroup.com/
Frame ID: 9B6059596C75B821BD1D4E1D47F2136E
Requests: 53 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/en1nnXnxLosqd7?new_window=true&responsive=true
Frame ID: B1E7202A690F3F0E89D737D6D670299A
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/fvwsntn/psyzqm7/iframe
Frame ID: 1AC23E38686A9955FB8DBEB0652A9A71
Requests: 2 HTTP requests in this frame

Frame: https://20813985p.rfihub.com/ca.html?ver=9&rb=37864&ca=20813985&_o=37864&_t=20813985&pe=https%3A%2F%2Ffarmersbankgroup.com%2F&pf=&ra=1622944883998907
Frame ID: F53E863AAB8C556B0531B690654BFE10
Requests: 21 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=65488&cv_ck=09af25c2-1149-4851-9e23-9687b6500728&m=farmersbankgroup.com&r=
Frame ID: 09BB827D387D411F8BC47984E8770761
Requests: 2 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en177X7egn
Frame ID: 3C043808A523E637C6CAABE6F00349AF
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://farmersbankgroup.com/ HTTP 301
https://farmersbankgroup.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

107
Requests

100 %
HTTPS

29 %
IPv6

44
Domains

57
Subdomains

41
IPs

5
Countries

4112 kB
Transfer

5031 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://web6.secureinternetbank.com/pbi_pbi1151/login/041209080
Title: Go to Online Banking

Search URL Search Domain Scan URL

URL: https://web6.secureinternetbank.com/EBC_EBC1151/PhysicalToken/LostOrDamaged/041209080
Title: Lost or Damaged Token

Search URL Search Domain Scan URL

URL: https://web6.secureinternetbank.com/EBC_EBC1151/login/041209080/413
Title: Forgot password or PIN?

Search URL Search Domain Scan URL

URL: https://web6.secureinternetbank.com/PBI_PBI1151/Enroll/041209080
Title: Consumer Enroll

Search URL Search Domain Scan URL

URL: https://www.farmersbankgroup.com/business-online-banking-enrollment.html
Title: Business Enroll

Search URL Search Domain Scan URL

URL: https://paybill.com/consumer/?ClientId=farmersbankgroup
Title: Loan Payment

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Farmersbankgroup
Title: Facebook logo

Search URL Search Domain Scan URL

URL: https://twitter.com/farmersbnkgroup
Title: Twitter logo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/FarmersNationalBank
Title: YouTube logo

Search URL Search Domain Scan URL

URL: http://www.brownbootsbankwebsites.com/
Title: Bank Websites

Search URL Search Domain Scan URL

URL: https://get.adobe.com/reader/
Title: Some content requires Adobe Acrobat Reader to view.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://farmersbankgroup.com/ HTTP 301
https://farmersbankgroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://ad.doubleclick.net/ddm/activity/src=9380077;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98 HTTP 302
https://adservice.google.com/ddm/fls/p/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98;~oref=https://farmersbankgroup.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98;~oref=https://farmersbankgroup.com/

Request Chain 38

https://ad.doubleclick.net/ddm/activity/src=9380077;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151 HTTP 302
https://adservice.google.com/ddm/fls/p/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151;~oref=https://farmersbankgroup.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151;~oref=https://farmersbankgroup.com/

Request Chain 42

https://insight.adsrvr.org/tags/fvwsntn/psyzqm7/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/fvwsntn/psyzqm7/iframe

Request Chain 56

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTU5NzQ5NTkyNzIxMDYwMQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKeWf4pQ9yjwHu7J5AWMwU0&google_cver=1

Request Chain 57

https://ib.adnxs.com/setuid?entity=18&code=1871597495927210601 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871597495927210601

Request Chain 58

https://stags.bluekai.com/site/4722?id=1871597495927210601&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=g3kwm999999xvXoQ&forward=

Request Chain 60

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871597495927210601&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871597495927210601&redir=

Request Chain 61

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597495927210601&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597495927210601&forward=&C=1

Request Chain 65

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597495927210601&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597495927210601&img=1&__user_check__=1&sync_id=08bc1030-cecb-11eb-9822-18969d310106

Request Chain 69

https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597495927210601&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871597495927210601&expires=30

Request Chain 70

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1871597495927210601&bid=omt9pi0

Request Chain 71

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YMo5YgABxpGL4AAC HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YMo5YgABxpGL4AAC&_test=YMo5YgABxpGL4AAC

Request Chain 73

https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP 302
https://p.rfihub.com/cm?in=1&pub=17945&userid=d56a98cc-22cb-4562-83d6-fbc71fb535c2

Request Chain 74

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871597495927210601&referrer=https%3A%2F%2Ffarmersbankgroup.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=2aa7ca2c-b28e-44e4-8e13-afac1823f530%3A1623865698.72&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D2aa7ca2c-b28e-44e4-8e13-afac1823f530%253A1623865698.72 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=2aa7ca2c-b28e-44e4-8e13-afac1823f530%3A1623865698.72 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFcIL3Lt7pGCUJLpoLpdReY&google_cver=1

Request Chain 82

https://um.simpli.fi/segmint HTTP 302
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6224565EDF114319910015EF8CDB57B3

Request Chain 85

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=AFBA16B642174534BBF3EC6890DF6BFE

Request Chain 86

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=AFBA16B642174534BBF3EC6890DF6BFE HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=AFBA16B642174534BBF3EC6890DF6BFE

Request Chain 87

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=AFBA16B642174534BBF3EC6890DF6BFE HTTP 302
https://d.agkn.com/pixel/10751/?che=1623865699&ip=89.249.64.203&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164861103819000489968 HTTP 302
https://um.simpli.fi/aa_px?sk=164861103819000489968

Request Chain 89

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AFBA16B642174534BBF3EC6890DF6BFE

Request Chain 92

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=AFBA16B642174534BBF3EC6890DF6BFE;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=AFBA16B642174534BBF3EC6890DF6BFE;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/398696.gif?partner_uid=-6483081364490859273

Request Chain 93

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=AFBA16B642174534BBF3EC6890DF6BFE&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=AFBA16B642174534BBF3EC6890DF6BFE&j=0&xl8blockcheck=1

Request Chain 95

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=AFBA16B642174534BBF3EC6890DF6BFE

Request Chain 96

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=AFBA16B642174534BBF3EC6890DF6BFE

Request Chain 97

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AFBA16B642174534BBF3EC6890DF6BFE HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=AFBA16B642174534BBF3EC6890DF6BFE

Request Chain 98

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=AFBA16B642174534BBF3EC6890DF6BFE HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=AFBA16B642174534BBF3EC6890DF6BFE&dnr=1

Request Chain 99

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=AFBA16B642174534BBF3EC6890DF6BFE

Request Chain 100

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1623865699753&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=16488712&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YznKYKjFL8yIrATGna_ACg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=16488712&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YznKYKjFL8yIrATGna_ACg&random=3559159 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=16488712&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YznKYKjFL8yIrATGna_ACg&random=3559159&ipr=y

Request Chain 101

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AFBA16B642174534BBF3EC6890DF6BFE HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AFBA16B642174534BBF3EC6890DF6BFE&__user_check__=1&sync_id=099bd6d8-cecb-11eb-830d-1bce7de30206

Request Chain 102

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=AFBA16B642174534BBF3EC6890DF6BFE HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DAFBA16B642174534BBF3EC6890DF6BFE

Request Chain 103

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AFBA16B642174534BBF3EC6890DF6BFE&expires=365

Request Chain 104

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=AFBA16B642174534BBF3EC6890DF6BFE HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=AFBA16B642174534BBF3EC6890DF6BFE

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEAu3YXK34_CRO78t83lwS7M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFBA16B642174534BBF3EC6890DF6BFE HTTP 302
https://um.simpli.fi/g_match?id=

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
farmersbankgroup.com/
Redirect Chain

http://farmersbankgroup.com/
https://farmersbankgroup.com/

37 KB
10 KB

72ms
27ms

Document
text/html

192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

31f85b3a88b2686a4b96555f83a9d8d0e846d759d2b3099d13eb958aee4bcc14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: farmersbankgroup.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 16 Jun 2021 17:48:16 GMT
content-type: text/html
content-length: 9776
x-sucuri-id: 15017
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-encoding: gzip
x-sucuri-cache: HIT
accept-ranges: bytes

Redirect headers

Server: Sucuri/Cloudproxy
Date: Wed, 16 Jun 2021 17:48:16 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
X-Sucuri-ID: 15017
Location: https://farmersbankgroup.com/

GET
H2 200 css
fonts.googleapis.com/ 9 KB
963 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Didact%20Gothic%7CLibre%20Baskerville%3A400%2C400i%2C700%7CNunito%3A400%2C600%2C700

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c4775fa7f7cf803229c61e0b064ea0a111e4d9e2439a0f5e7b3a2cfd25930cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 17:48:16 GMT
server: ESF
date: Wed, 16 Jun 2021 17:48:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Jun 2021 17:48:16 GMT

GET
H/1.1 200
OK responsive.css
cdn.segmint.net/ 76 KB
76 KB 75ms
16ms Stylesheet
text/css 143.204.98.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/responsive.css
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5d058175811968bdb8297b2bba52dd080c173d095b2b063fd47a8840ab5043a

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:47:00 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 16 Jun 2021 17:45:01 GMT
Server: AmazonS3
Age: 77
ETag: "6e99ac82e0052e3759ae3d33ea48b8f5"
X-Cache: Hit from cloudfront
Content-Type: text/css
Cache-Control: max-age=900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 77551
X-Amz-Cf-Id: _6DqBpxQxj8sp9kjvff3HqsNEQ6Ty_p5JyX0GKprP5-Lkd4mTvuHwQ==

GET
H2 200 farmersbankgroup-2019-12-19-14-51-02-CST.min.css
farmersbankgroup.com/css/ 191 KB
31 KB 21ms
21ms Stylesheet
text/css 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

6b9d177636df0be9f95139556c3c3354b66920c1e20085341c3c3bafb996d994

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 31357
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Dec 2019 20:51:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 38ms
32ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-55030730-1

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0c8e0923a83f9c6982645ccb1af6c36640fd551959ec6d37076943831136d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36100
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 16:09:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Jun 2021 17:48:16 GMT

GET
H2 200 severe.svg
farmersbankgroup.com/images/icons/alerts/ 1 KB
1 KB 42ms
37ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/icons/alerts/severe.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

b21614b2f542aa6c78b69d38479b0f43e822bd50c72fbaeb8d4d38cac54ed4e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/icons/alerts/severe.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 708
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:21:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notification.svg
farmersbankgroup.com/images/icons/alerts/ 379 B
647 B 43ms
38ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/icons/alerts/notification.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

7bc0ef0af898d2792e44796f40ce530d7da9358b2b439a64b76a947d5d5d9bb0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/icons/alerts/notification.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 267
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Mar 2018 16:55:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.svg
farmersbankgroup.com/images/ 98 KB
15 KB 45ms
40ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/logo.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

41d3c2e9c1e4997f15be9c896ad72e595c2634039f59e09114fd758cb7cc9ad5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 15163
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:21:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 md5.min.js Show response
farmersbankgroup.com/js/ 4 KB
2 KB 23ms
22ms Script
application/javascript 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://farmersbankgroup.com/js/md5.min.js

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/md5.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 1584
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Sep 2018 15:38:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK RemoteLogon Show response
web6.secureinternetbank.com/EBC_EBC1151/js/ 58 KB
59 KB 876ms
746ms Script
application/javascript 107.162.136.239
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://web6.secureinternetbank.com/EBC_EBC1151/js/RemoteLogon

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

107.162.136.239 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

b367710439916328be40726fd26ca32e57c557cf9c1dc337cd67404d890e64fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:16 GMT
Via: 1.1 fra1-bit19
Last-Modified: Wed, 16 Jun 2021 17:48:17 GMT
Vary: User-Agent
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=157680000
Content-Length: 59384
Expires: Thu, 16 Jun 2022 17:48:17 GMT

GET
H2 200 billmatrix2small.png
farmersbankgroup.com/images/icons/utility-nav/ 487 B
828 B 45ms
40ms Image
image/png 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/icons/utility-nav/billmatrix2small.png

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

aac147e0ed5dfbfd733db0a8fd5ddcb26c7673de2f429ff9f24306b1506d1819

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/icons/utility-nav/billmatrix2small.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 17:14:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 487
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rates.svg
farmersbankgroup.com/images/icons/utility-nav/ 2 KB
1 KB 45ms
40ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/icons/utility-nav/rates.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

8ebe81997d09d4d752db1c49a2b34f698bb618800e82912808bcdc0100be5d4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/icons/utility-nav/rates.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 693
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:21:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 promotions.svg
farmersbankgroup.com/images/icons/utility-nav/ 2 KB
1 KB 45ms
41ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/icons/utility-nav/promotions.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

65ae6cedface7d775c387709e5496a942bf021ced1b9046755518485f6ee10aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/icons/utility-nav/promotions.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 755
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jan 2018 22:21:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 locations.svg
farmersbankgroup.com/images/icons/utility-nav/ 794 B
835 B 46ms
41ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/icons/utility-nav/locations.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

04f3e71d2befbcb9f523732405493a0130563db4e6fd5cd18e0a1a22fb9283c5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/icons/utility-nav/locations.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 455
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:21:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 support.svg
farmersbankgroup.com/images/icons/utility-nav/ 898 B
907 B 46ms
41ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/icons/utility-nav/support.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

3ee77b180fbe820e6382c5b6eae0b41500dffd93c9e0154f4b1df0a9305f4bcf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/icons/utility-nav/support.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 527
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:21:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search.svg
farmersbankgroup.com/images/icons/utility-nav/ 1 KB
973 B 46ms
41ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/icons/utility-nav/search.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

28a0d6766f3a164cdd35372bfb55506fbbff59aed4d5e01956cda81b14bb8ba7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/icons/utility-nav/search.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 593
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:21:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 it-house.jpg
farmersbankgroup.com/sft1085/ 43 KB
44 KB 46ms
41ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1085/it-house.jpg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

3874fdb2d36b211e83057d20ff1ec951b4c65610057415f5085a91364371e7b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1085/it-house.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Nov 2017 18:12:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 44426
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mobile-banking.jpg
farmersbankgroup.com/sft1085/ 55 KB
56 KB 46ms
42ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1085/mobile-banking.jpg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

75b6abcce1556692073a9674d17cd9ecc155c3a8f4c93d32866446e0e927888e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1085/mobile-banking.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2017 17:45:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 56669
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Farmers_National_Bank.js Show response
tag.brandcdn.com/autoscript/farmersnationalbank_vg1wvk1fouvaeja9/ 789 B
1 KB 57ms
19ms Script
text/javascript 2600:9000:20eb:5200:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/farmersnationalbank_vg1wvk1fouvaeja9/Farmers_National_Bank.js
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5200:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a7032a50a7ddba6108096d5b6f900cfd310c3e5f366dc90fa5529103ee558c7

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dP0BgAYSctE_iPe2YFPU9YPM4R1xVvC.
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Thu, 06 May 2021 20:50:00 GMT
server: AmazonS3
age: 13816
etag: "e8bb29d3c6303e541d8cbad03217350c"
x-cache: Hit from cloudfront
content-type: text/javascript
date: Wed, 16 Jun 2021 13:58:01 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 789
x-amz-cf-id: 9yWMTcd5w9X1438XYaaninkFjuWzOkegEVVfSBcytyB0L4R-P86ZmQ==

GET
H2 200 home.svg
farmersbankgroup.com/sft1142/ 1011 B
918 B 46ms
42ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1142/home.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

a07e83984ae83869337b5561c8edcffa299e30afdf4a5da6da2e670e1af1e0c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1142/home.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 538
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Feb 2018 17:39:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 information.svg
farmersbankgroup.com/sft1142/ 1 KB
937 B 46ms
42ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1142/information.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

c1ff4d4a751b5480ef72c9fa94a7250c9ad32d92d0df4ac003b59ef3630070d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1142/information.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 557
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Oct 2017 19:25:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 online-store.svg
farmersbankgroup.com/sft1142/ 7 KB
2 KB 46ms
42ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1142/online-store.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

aad5b4a87e440a2850db054933c5e5a05d5e4f1bc5f6c02199f413fbec7cfccc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1142/online-store.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 1806
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Oct 2017 19:23:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dollar-symbol.svg
farmersbankgroup.com/sft1142/ 2 KB
1 KB 46ms
43ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1142/dollar-symbol.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

78df6c1c8313db8d4da20cdda24ad97da4b884263974316cd07dc5566a98979b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1142/dollar-symbol.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 852
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Oct 2017 19:24:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rates.svg
farmersbankgroup.com/sft1142/ 1 KB
1 KB 47ms
43ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1142/rates.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

c2f4f41ff75efa8d3da61bb3bdd9b67211af6a870c4e52c05c082844b1a68e31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1142/rates.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 700
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Oct 2017 19:29:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loans.svg
farmersbankgroup.com/sft1142/ 756 B
768 B 47ms
43ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1142/loans.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

d50d241c1916af2820f6b4cdb3618f83be10c8c94eab3113434f3f7769f5f21c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1142/loans.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 388
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Oct 2017 19:29:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bill-pay.svg
farmersbankgroup.com/sft1142/ 2 KB
1 KB 47ms
43ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1142/bill-pay.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

8887ee6124505baca5f779f8f408c9d85fce3aba6c02587b652e39a37ed5374f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1142/bill-pay.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 699
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Oct 2017 19:29:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 team.svg
farmersbankgroup.com/sft1142/ 1 KB
901 B 47ms
44ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1142/team.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

00cabef70af80ca1622f1f407b76740645e50e372eed8a94bffec07709fa4f84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1142/team.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 521
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Oct 2017 19:30:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-member-fdic-seal-white.svg
farmersbankgroup.com/images/ 29 KB
8 KB 47ms
44ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/logo-member-fdic-seal-white.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

f930c8de422b471088767835d0e368adacd6a07229c1b59d84fb4f29de222839

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/logo-member-fdic-seal-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 7431
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:21:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-equal-housing-lender-horizontal-white.svg
farmersbankgroup.com/images/ 4 KB
2 KB 47ms
44ms Image
image/svg+xml 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/logo-equal-housing-lender-horizontal-white.svg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

653757c0be5caf84b5195fa409a4aad53bbf592dd151d689914bbf62227bd293

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/logo-equal-housing-lender-horizontal-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 1535
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:21:49 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 farmersbankgroup-bottom-2021-03-05-17-51-29-CST.min.js Show response
farmersbankgroup.com/js/ 406 KB
115 KB 26ms
20ms Script
application/javascript 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://farmersbankgroup.com/js/farmersbankgroup-bottom-2021-03-05-17-51-29-CST.min.js

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

6abf7723f78a665a780f3788e37e026ad34a0d349dcd031c049255378fda1c96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/farmersbankgroup-bottom-2021-03-05-17-51-29-CST.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 23:51:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK segmint.min.js Show response
cdn.segmint.net/ 15 KB
16 KB 21ms
17ms Script
application/javascript 143.204.98.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/segmint.min.js
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b28a1ab42d6cf7f239a624541ac8609232cbb127eb1cb99c8937d924c5b14a99

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 13:42:37 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 03 Jun 2021 12:16:13 GMT
Server: AmazonS3
Age: 16949
ETag: "5f21f44eca02af0745d97794d3c216e0"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age:900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 15545
X-Amz-Cf-Id: Kq1AFNVtcKyWPqP8dsunIDZ32lzC_MnZaQ6LJ6i9m97H1pnPzZFS4w==

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v9/ 26 KB
27 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v9/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Didact%20Gothic%7CLibre%20Baskerville%3A400%2C400i%2C700%7CNunito%3A400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

451dad3dfc12bb5652e7600fa6ba6a2d49d804d10768758940be9fee8cf04399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://farmersbankgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:36:41 GMT
x-content-type-options: nosniff
age: 357095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27108
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 14:36:41 GMT

GET
H2 200 ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
fonts.gstatic.com/s/didactgothic/v14/ 16 KB
17 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/didactgothic/v14/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Didact%20Gothic%7CLibre%20Baskerville%3A400%2C400i%2C700%7CNunito%3A400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f686558e91f9d8b396d13a42e218e7a33ef391c97fb68de337af804592169c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://farmersbankgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:53:26 GMT
x-content-type-options: nosniff
age: 374090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16812
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:24:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:53:26 GMT

GET
H3-29 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 38ms
19ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Didact%20Gothic%7CLibre%20Baskerville%3A400%2C400i%2C700%7CNunito%3A400%2C600%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://farmersbankgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:36:44 GMT
x-content-type-options: nosniff
age: 378692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:36:44 GMT

GET
H3-29 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 23ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Didact%20Gothic%7CLibre%20Baskerville%3A400%2C400i%2C700%7CNunito%3A400%2C600%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://farmersbankgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:13:07 GMT
x-content-type-options: nosniff
age: 387309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:13:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55030730-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2979
date: Wed, 16 Jun 2021 16:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 16 Jun 2021 18:58:37 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
12ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1185666085&t=pageview&_s=1&dl=https%3A%2F%2Ffarmersbankgroup.com%2F&ul=en-us&de=UTF-8&dt=Farmers%20National%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1460863808&gjid=1133433252&cid=1768344358.1623865697&tid=UA-55030730-1&_gid=1024395131.1623865697&_r=1&gtm=2ou690&z=570295780

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://farmersbankgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98;~oref=https:/...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9380077;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98?
https://ad.doubleclick.net/ddm/activity/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98?
https://adservice.google.com/ddm/fls/p/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98;~ore...
https://adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98;~oref...

42 B
262 B

41ms
40ms

Image
image/gif

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98;~oref=https://farmersbankgroup.com/

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CMbm2pDbnPECFRtGkQUd2loK5w;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4871954322510.98;~oref=https://farmersbankgroup.com/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Didact%20Gothic%7CLibre%20Baskerville%3A400%2C400i%2C700%7CNunito%3A400%2C600%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://farmersbankgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:26:18 GMT
x-content-type-options: nosniff
age: 368519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19248
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 11:26:18 GMT

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151;~oref=https:...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9380077;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151?
https://ad.doubleclick.net/ddm/activity/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151?
https://adservice.google.com/ddm/fls/p/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151;~or...
https://adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151;~ore...

42 B
107 B

41ms
40ms

Image
image/gif

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151;~oref=https://farmersbankgroup.com/

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=9380077;dc_pre=CNDA25DbnPECFZSFsgod6xgLEg;type=invmedia;cat=looka0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6094335321804.151;~oref=https://farmersbankgroup.com/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set en1nnXnxLosqd7 Show response
connect.segmint.net/iframe/ Frame B1E7 815 B
1 KB 501ms
111ms Document
text/html 3.215.91.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/en1nnXnxLosqd7?new_window=true&responsive=true

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.91.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-91-73.compute-1.amazonaws.com

Software

openresty /

Resource Hash

7b11e2a2f1612bc0f8eb85dc378a4ac8733ff2421ad01e7dcf618cfdad4d013b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: connect.segmint.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://farmersbankgroup.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://farmersbankgroup.com/

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Date: Wed, 16 Jun 2021 17:48:18 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Set-Cookie: SegmintId=c298e0968424459ea618b131c5059d26;Path=/;SameSite=None;Secure;Domain=.segmint.net;Expires=Mon, 15-Jun-2026 17:48:18 GMT;HttpOnly
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: 86d1c404fcb1609b
X-B3-TraceId: 86d1c404fcb1609b
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 524
Connection: keep-alive

GET
H2 206 drone-flyby.mp4
farmersbankgroup.com/sft1192/ 256 KB
0 22ms
21ms Media
video/mp4 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://farmersbankgroup.com/sft1192/drone-flyby.mp4

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: _ga=GA1.2.1768344358.1623865697; _gid=GA1.2.1024395131.1623865697; _gat_gtag_UA_55030730_1=1
:path: /sft1192/drone-flyby.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://farmersbankgroup.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 16 Jun 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Jul 2018 20:06:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 0-3236641/3236642
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
Content-Length: 3236642
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cv_pixel.js Show response
adservices.brandcdn.com/pixel/ 2 KB
1 KB 513ms
171ms Script
application/javascript 18.144.113.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.144.113.157 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-144-113-157.us-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 14:43:33 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "613-5c0a4d1fc7d19-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 745

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/fvwsntn/psyzqm7/ Frame 1AC2
Redirect Chain

https://insight.adsrvr.org/tags/fvwsntn/psyzqm7/iframe
https://d1eoo1tco6rr5e.cloudfront.net/fvwsntn/psyzqm7/iframe

138 B
630 B

363ms
47ms

Document
text/html

99.86.243.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/fvwsntn/psyzqm7/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/farmersnationalbank_vg1wvk1fouvaeja9/Farmers_National_Bank.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-202.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15639374d6c52afcd0a5939540cf7d74aff38d80e7161cfc7104b8712bb8dda1

Request headers

Host: d1eoo1tco6rr5e.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://farmersbankgroup.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://farmersbankgroup.com/

Response headers

Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Date: Wed, 16 Jun 2021 12:16:32 GMT
Last-Modified: Tue, 11 Aug 2020 18:13:43 GMT
ETag: "91ef587ff7f6b19dd71a824758832f01"
Cache-Control: max-age=86400
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 08fee972d33a4bc475aad82a2fc199cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: QMZAOmhLctrCYepgyTvWg2vHbO6LnpjM3ZHSICCA8EuMsiKSdnqcrg==
Age: 19907

Redirect headers

date: Wed, 16 Jun 2021 17:48:18 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/fvwsntn/psyzqm7/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 99ms
35ms Image
image/gif 99.80.189.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=fvwsntn&ct=0:3cgg89d&fmt=3
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 100ms
36ms Image
image/gif 99.80.189.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=fvwsntn&ct=0:psyzqm7&fmt=3
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 homepage_boxes.jpg
farmersbankgroup.com/images/ 57 KB
57 KB 44ms
42ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/homepage_boxes.jpg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

44d270dacb43220df4f8b49aedb5f91beab5dc281d522d6b1d707db023f738a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/homepage_boxes.jpg
pragma: no-cache
cookie: _ga=GA1.2.1768344358.1623865697; _gid=GA1.2.1024395131.1623865697; _gat_gtag_UA_55030730_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jan 2018 18:21:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 58440
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 homepage-rates.png
farmersbankgroup.com/images/ 322 KB
323 KB 42ms
42ms Image
image/png 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/images/homepage-rates.png

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

0f36d43f0421b7eb129ecb1178b325d19810f821c3199ee489592b01eb2f1408

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/homepage-rates.png
pragma: no-cache
cookie: _ga=GA1.2.1768344358.1623865697; _gid=GA1.2.1024395131.1623865697; _gat_gtag_UA_55030730_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Apr 2018 17:42:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 329765
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
farmersbankgroup.com/fonts/bootstrap/ 18 KB
18 KB 42ms
42ms Font
font/woff2 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://farmersbankgroup.com/fonts/bootstrap/glyphicons-halflings-regular.woff2

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://farmersbankgroup.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1768344358.1623865697; _gid=GA1.2.1024395131.1623865697; _gat_gtag_UA_55030730_1=1
:path: /fonts/bootstrap/glyphicons-halflings-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://farmersbankgroup.com
Referer: https://farmersbankgroup.com/css/farmersbankgroup-2019-12-19-14-51-02-CST.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Aug 2017 15:08:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18028
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H/1.1 200
OK eaae1d32-48f4-42e7-af2c-d40cdfb6de53.json
cdn.segmint.net/ Frame 0
0 643ms
389ms Preflight 143.204.98.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/eaae1d32-48f4-42e7-af2c-d40cdfb6de53.json
Protocol: HTTP/1.1
Server: 143.204.98.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://farmersbankgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Date: Wed, 16 Jun 2021 17:48:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 42cKa_Ky0qJhMHSYsapaMSRqHca4MYfuT6qyNcvkTb-IhH7ohie63Q==

GET
H/1.1 200
OK eaae1d32-48f4-42e7-af2c-d40cdfb6de53.json Show response
cdn.segmint.net/ 188 B
796 B 446ms
445ms XHR
application/json 143.204.98.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/eaae1d32-48f4-42e7-af2c-d40cdfb6de53.json
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db01d5c4b03a3b7ff639df6de4dee2619811d62e87bc7acd0f6c861c2566508d

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Jun 2021 17:48:20 GMT
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 188
Last-Modified: Fri, 23 Aug 2019 16:05:08 GMT
Server: AmazonS3
ETag: "14e13f202696563817339c26b11d9914"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: LpFXFt6fax4-gTAbnhSm_u8OU7BHjK9Bv13wNs9mUXBXsntOUSLStQ==

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 29ms
6ms Script
application/x-javascript 2600:9000:21f3:4a00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4a00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:39:35 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 17:39:25 GMT
server: Jetty(9.3.29.v20201019)
age: 523
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: g-Dk_ecLXdX-COE79pIRpkyg6LJ9TEwc70N0davW2ktT0E1olcYhCA==
expires: Wed, 16 Jun 2021 18:39:35 GMT

GET
H2 200 video-poster.jpg
farmersbankgroup.com/sft1192/ 32 KB
32 KB 36ms
35ms Image
image/jpeg 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farmersbankgroup.com/sft1192/video-poster.jpg

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

8978f228a436d3f659c45c47d739823a3b1316b05ebe636e9be301f0f271c7b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sft1192/video-poster.jpg
pragma: no-cache
cookie: _ga=GA1.2.1768344358.1623865697; _gid=GA1.2.1024395131.1623865697; _gat_gtag_UA_55030730_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Feb 2018 18:27:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 32622
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 drone-flyby.mp4
farmersbankgroup.com/sft1192/ 25 KB
25 KB 33ms
32ms Media
video/mp4 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://farmersbankgroup.com/sft1192/drone-flyby.mp4

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

ad1dbb9125240f5ab54bee44886e98eecd27186c13c453961467fa0b60076bbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: _ga=GA1.2.1768344358.1623865697; _gid=GA1.2.1024395131.1623865697; _gat_gtag_UA_55030730_1=1
:path: /sft1192/drone-flyby.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=3211264-
:method: GET
Referer: https://farmersbankgroup.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=3211264-

Response headers

date: Wed, 16 Jun 2021 17:48:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Jul 2018 20:06:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 3211264-3236641/3236642
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
Content-Length: 25378
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Cookie set ca.html Show response
20813985p.rfihub.com/ Frame F53E 3 KB
4 KB 369ms
289ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20813985p.rfihub.com/ca.html?ver=9&rb=37864&ca=20813985&_o=37864&_t=20813985&pe=https%3A%2F%2Ffarmersbankgroup.com%2F&pf=&ra=1622944883998907
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 20fbe251f4ac8f65e69947ce090f3e75c2a20d24c2ac00e80fc878bfc122e87c

Request headers

Host: 20813985p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://farmersbankgroup.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://farmersbankgroup.com/

Response headers

Date: Wed, 16 Jun 2021 17:48:18 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmRsYWZqZmlhaGG-Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwsq_xYafxMrmnncaO5H4y8SRuU_QuMDAC3ggnQwAQAA; Path=/; Domain=.rfihub.com; Expires=Mon, 11 Jul 2022 17:48:18 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNLU0MjcyNDAzMBTiM9QtKPVwtnT18jIxzIyX4jU0MzK2MDM1s7QwNDMBAHi1Qk40AAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 11 Jul 2022 17:48:18 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNLU0MjcyNDAzMBTiM9QtKPVwtnT18jIxzIwHAE1ppJ0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2938
Server: Jetty(9.3.29.v20201019)

GET
H2 206 drone-flyby.mp4
farmersbankgroup.com/sft1192/ 3 MB
3 MB 21ms
20ms Media
video/mp4 192.124.249.117
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://farmersbankgroup.com/sft1192/drone-flyby.mp4

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10117.sucuri.net

Software

nginx /

Resource Hash

bcd4f9ce60284e8830f1cdcf88cdd0678160555b3a616bd179c93ac8487a3529

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: _ga=GA1.2.1768344358.1623865697; _gid=GA1.2.1024395131.1623865697; _gat_gtag_UA_55030730_1=1
:path: /sft1192/drone-flyby.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: farmersbankgroup.com
referer: https://farmersbankgroup.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=196608-
:method: GET
Referer: https://farmersbankgroup.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=196608-

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Jul 2018 20:06:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 196608-3236641/3236642
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
Content-Length: 3040034
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 1AC2 70 B
260 B 29ms
29ms Image
image/gif 99.80.189.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=fvwsntn&ct=0:psyzqm7&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/fvwsntn/psyzqm7/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame F53E
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTU5NzQ5NTkyNzIxMDYwMQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKeWf4pQ9yjwHu7J5AWMwU0&google_cver=1

42 B
1 KB

90ms
22ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKeWf4pQ9yjwHu7J5AWMwU0&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:18 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKeWf4pQ9yjwHu7J5AWMwU0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F53E
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=1871597495927210601
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871597495927210601

43 B
1 KB

15ms
15ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871597495927210601

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:18 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid: b035e698-f9b0-4c9c-9743-c741e2c77ed9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:18 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.81:80
AN-X-Request-Uuid: 76de6c21-fbcf-4b2c-baca-99fe66ef30ab
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871597495927210601
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame F53E
Redirect Chain

https://stags.bluekai.com/site/4722?id=1871597495927210601&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=g3kwm999999xvXoQ&forward=

42 B
1 KB

32ms
24ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=g3kwm999999xvXoQ&forward=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:18 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=g3kwm999999xvXoQ&forward=
Date: Wed, 16 Jun 2021 17:48:18 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 7a3a
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F53E 0
239 B 90ms
22ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1871597495927210601
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F53E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871597495927210601&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871597495927210601&redir=

42 B
958 B

44ms
43ms

Image
image/gif

52.209.141.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871597495927210601&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.141.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-141-237.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v009-0cba381de.edge-irl1.demdex.com 6.3.0.20210616085605
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rk2No2jhRMw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v009-03dde6e87.edge-irl1.demdex.com 6.3.0.20210616085605
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MszjD8h0SFQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871597495927210601&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F53E
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597495927210601&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597495927210601&forward=&C=1

43 B
1006 B

31ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597495927210601&forward=&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Jun 2021 17:48:18 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597495927210601&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Wed, 16 Jun 2021 17:48:18 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame F53E 0
446 B 26ms
6ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame F53E 42 B
416 B 36ms
15ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1871597495927210601
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 17:48:18 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame F53E 43 B
191 B 174ms
153ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1871597495927210601

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-99-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 16 Jun 2021 17:48:18 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame F53E
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597495927210601&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597495927210601&img=1&__user_check__=1&sync_id=08bc1030-cecb-11eb-9822-18969d310106

43 B
549 B

19ms
19ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597495927210601&img=1&__user_check__=1&sync_id=08bc1030-cecb-11eb-9822-18969d310106
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:18 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 123
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 16 Jun 2021 17:48:18 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=1871597495927210601&img=1&__user_check__=1&sync_id=08bc1030-cecb-11eb-9822-18969d310106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 36
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame F53E 43 B
183 B 285ms
94ms Image
image/gif 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1871597495927210601&r=HQIKm2_7v9Q5
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame F53E 43 B
238 B 77ms
19ms Image
image/gif 35.176.232.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1871597495927210601
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.232.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-232-241.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F53E 0
338 B 91ms
28ms Image
text/plain 99.80.93.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1871597495927210601
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.93.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-93-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
cache-control: private, no-cache, no-store
x-request-time: D=54 t=1623865698
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame F53E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597495927210601&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871597495927210601&expires=30

43 B
345 B

23ms
22ms

Image
image/gif

54.93.69.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871597495927210601&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.69.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-69-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871597495927210601&expires=30
date: Wed, 16 Jun 2021 17:48:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame F53E
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1871597495927210601&bid=omt9pi0

0
344 B

65ms
21ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1871597495927210601&bid=omt9pi0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:18 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=1871597495927210601&bid=omt9pi0
Date: Wed, 16 Jun 2021 17:48:18 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame F53E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YMo5YgABxpGL4AAC
https://p.rfihub.com/cm?in=1&pub=21653&userid=YMo5YgABxpGL4AAC&_test=YMo5YgABxpGL4AAC

42 B
1 KB

26ms
25ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YMo5YgABxpGL4AAC&_test=YMo5YgABxpGL4AAC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:18 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1623865699.692339,VS0,VE0
x-served-by: cache-hhn4076-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YMo5YgABxpGL4AAC&_test=YMo5YgABxpGL4AAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame F53E 46 B
697 B 97ms
52ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1871597495927210601

Requested by

Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 16 Jun 2021 17:48:18 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Wed, 16 Jun 2021 17:48:18 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame F53E
Redirect Chain

https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
https://p.rfihub.com/cm?in=1&pub=17945&userid=d56a98cc-22cb-4562-83d6-fbc71fb535c2

42 B
1 KB

50ms
22ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=17945&userid=d56a98cc-22cb-4562-83d6-fbc71fb535c2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:18 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
location: https://p.rfihub.com/cm?in=1&pub=17945&userid=d56a98cc-22cb-4562-83d6-fbc71fb535c2
cache-control: private
content-type: text/html; charset=UTF-8
content-length: 213
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame F53E
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871597495927210601&referrer=https%3A%2F%2Ffarmersbankgroup.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=2aa7ca2c-b28e-44e4-8e13-afac1823f530%3A1623865698.72&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D2aa7ca2c-b28e-44e4-8e13-afac1823f530...
https://idsync.rlcdn.com/501709.gif?partner_uid=2aa7ca2c-b28e-44e4-8e13-afac1823f530%3A1623865698.72
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFcIL3Lt7pGCUJLpoLpdReY&google_cver=1

42 B
299 B

16ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFcIL3Lt7pGCUJLpoLpdReY&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 17:48:18 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFcIL3Lt7pGCUJLpoLpdReY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame F53E 43 B
109 B 326ms
120ms Image
image/gif 52.73.56.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1871597495927210601
Requested by: Host: farmersbankgroup.com
URL: https://farmersbankgroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.56.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-56-169.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20813985p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 64d3947c604746a98486d2ea07d46a0e.png
cdn.segmint.net/ Frame B1E7 34 KB
35 KB 19ms
17ms Image
image/png 143.204.98.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.segmint.net/64d3947c604746a98486d2ea07d46a0e.png?cb=404376775
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/en1nnXnxLosqd7?new_window=true&responsive=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f26cf07878a5ee47a07fa263e683b1228ae27c3aacabc72aa44825b98ea1781

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 01:36:00 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Mar 2021 18:57:27 GMT
Server: AmazonS3
Age: 58338
ETag: "785e82eb4db80d7116cca30886cd375b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 34922
X-Amz-Cf-Id: -IMDkmD4Ju11nZQ14fQiPWE0l8L3al1J--Gwwd57mN367KRJCpNqdQ==

GET
H2 200 cv Show response
adservices.brandcdn.com/pixel/ Frame 09BB 4 KB
2 KB 171ms
170ms Document
text/html 18.144.113.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=65488&cv_ck=09af25c2-1149-4851-9e23-9687b6500728&m=farmersbankgroup.com&r=
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.144.113.157 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-144-113-157.us-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe

Request headers

:method: GET
:authority: adservices.brandcdn.com
:scheme: https
:path: /pixel/cv?aid=65488&cv_ck=09af25c2-1149-4851-9e23-9687b6500728&m=farmersbankgroup.com&r=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://farmersbankgroup.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALBCORS=BPL0oJAmb16KuqQk8eXd9gY2+GigxPKqBMhrZTiKA7AJGq0vbjMZ3a6z7EizX8SoYO+wYYmV6IvxdClrsT7Idu+s9QHDwKxHOvUWlWhIEJYCccMEnNYvvAUZHoqo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://farmersbankgroup.com/

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
content-type: text/html
content-length: 1137
set-cookie: AWSALB=/wL42VrcQgGOtykCHht/MeQ74w34PmNKDIpX628Y0kZrEp6cTKNixg2ILnb1+RAcYesX1Mvw+PAOGMhtUOsHmEtHCxoUIpQBssiKwXYNfdWAIQc4zM9HbTm41HCn; Expires=Wed, 23 Jun 2021 17:48:18 GMT; Path=/ AWSALBCORS=/wL42VrcQgGOtykCHht/MeQ74w34PmNKDIpX628Y0kZrEp6cTKNixg2ILnb1+RAcYesX1Mvw+PAOGMhtUOsHmEtHCxoUIpQBssiKwXYNfdWAIQc4zM9HbTm41HCn; Expires=Wed, 23 Jun 2021 17:48:18 GMT; Path=/; SameSite=None; Secure
server: Apache/2.4.29 (Ubuntu)
content-location: cv.html
vary: negotiate,Accept-Encoding
tcn: choice
last-modified: Fri, 23 Apr 2021 14:43:33 GMT
etag: "1002-5c0a4d1fc7d19;5c0f60998a7e1-gzip"
accept-ranges: bytes
content-encoding: gzip

GET
H2 200 cv_confirm.png
adservices.brandcdn.com/pixel/ Frame 09BB 68 B
557 B 171ms
171ms Image
image/png 18.144.113.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adservices.brandcdn.com/pixel/cv_confirm.png?aid=65488&buid=09af25c2-1149-4851-9e23-9687b6500728&m=farmersbankgroup.com&r=&oid=18010583
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv?aid=65488&cv_ck=09af25c2-1149-4851-9e23-9687b6500728&m=farmersbankgroup.com&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.144.113.157 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-144-113-157.us-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer: https://adservices.brandcdn.com/pixel/cv?aid=65488&cv_ck=09af25c2-1149-4851-9e23-9687b6500728&m=farmersbankgroup.com&r=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:18 GMT
last-modified: Fri, 23 Apr 2021 14:43:33 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "44-5c0a4d1fc7d19"
content-length: 68
content-type: image/png

OPTIONS
H/1.1 204
No Content event
connect.segmint.net/ Frame 0
0 412ms
104ms Preflight 3.215.91.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Protocol: HTTP/1.1
Server: 3.215.91.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-91-73.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://farmersbankgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://farmersbankgroup.com
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Wed, 16 Jun 2021 17:48:19 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Connection: keep-alive

POST
H/1.1 200
OK event Show response
connect.segmint.net/ 0
645 B 105ms
104ms XHR
text/plain 3.215.91.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.91.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-91-73.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://farmersbankgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:19 GMT
Server: openresty
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin: https://farmersbankgroup.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
X-Application-Context: site-event-receiver-service:prod:7084
Expires: 0

GET
H/1.1 200
OK Cookie set en177X7egn Show response
connect.segmint.net/iframe/doughnut/ Frame 3C04 509 B
1 KB 121ms
121ms Document
text/html 3.215.91.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/doughnut/en177X7egn

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.91.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-91-73.compute-1.amazonaws.com

Software

openresty /

Resource Hash

0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: connect.segmint.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://farmersbankgroup.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: SegmintId=c298e0968424459ea618b131c5059d26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://farmersbankgroup.com/

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Date: Wed, 16 Jun 2021 17:48:19 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Set-Cookie: SegmintId=44b1b77d31144fd580b88bcdde9e81e7;Path=/;SameSite=None;Secure;Domain=.segmint.net;Expires=Mon, 15-Jun-2026 17:48:19 GMT;HttpOnly
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: f4d45c69401860e4
X-B3-TraceId: f4d45c69401860e4
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 307
Connection: keep-alive

GET
H/1.1

200
OK

cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame 3C04
Redirect Chain

https://um.simpli.fi/segmint
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6224565EDF114319910015EF8CDB57B3

43 B
410 B

411ms
107ms

Image
image/gif

3.215.91.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6224565EDF114319910015EF8CDB57B3
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en177X7egn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.91.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-91-73.compute-1.amazonaws.com
Software: openresty /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:19 GMT
Server: openresty
X-B3-TraceId: a1ff912c0a8215d
Content-Type: image/gif; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-B3-SpanId: a1ff912c0a8215d
X-B3-Sampled: 1
Connection: keep-alive
Content-Length: 43
X-Application-Context: cookie-mapper:prod:7077
Expires: 0

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=6224565EDF114319910015EF8CDB57B3
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2 200 ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame 3C04 3 KB
4 KB 78ms
33ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Requested by

Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en177X7egn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: FokhP_tX2k0aWm4C0yYF
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ Frame 3C04 752 B
2 KB 23ms
20ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

299fbf24d005e5db102329ef38f3bca5b3d95b6d709568955bc95d612efb45f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 3C04
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=AFBA16B642174534BBF3EC6890DF6BFE

43 B
182 B

120ms
94ms

Image
image/gif

2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=AFBA16B642174534BBF3EC6890DF6BFE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=AFBA16B642174534BBF3EC6890DF6BFE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 3C04
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=AFBA16B642174534BBF3EC6890DF6BFE
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=AFBA16B642174534BBF3EC6890DF6BFE

95 B
428 B

16ms
16ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=AFBA16B642174534BBF3EC6890DF6BFE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=AFBA16B642174534BBF3EC6890DF6BFE
alt-svc: clear
content-length: 0

GET
H2

200

aa_px
um.simpli.fi/ Frame 3C04
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=AFBA16B642174534BBF3EC6890DF6BFE
https://d.agkn.com/pixel/10751/?che=1623865699&ip=89.249.64.203&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164861103819000489968
https://um.simpli.fi/aa_px?sk=164861103819000489968

43 B
409 B

19ms
19ms

Image
image/gif

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164861103819000489968

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 15 Jun 2021 17:48:19 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:19 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164861103819000489968
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ Frame 3C04 43 B
409 B 19ms
18ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 3C04
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AFBA16B642174534BBF3EC6890DF6BFE

0
0

51ms
13ms

Image
text/html

65.9.82.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AFBA16B642174534BBF3EC6890DF6BFE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.82.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AFBA16B642174534BBF3EC6890DF6BFE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 3C04 43 B
409 B 20ms
18ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame 3C04 43 B
409 B 20ms
18ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2

451

398696.gif
idsync.rlcdn.com/ Frame 3C04
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=AFBA16B642174534BBF3EC6890DF6BFE;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=AFBA16B642174534BBF3EC6890DF6BFE;mimetype=img;sr
https://idsync.rlcdn.com/398696.gif?partner_uid=-6483081364490859273

0
42 B

14ms
14ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398696.gif?partner_uid=-6483081364490859273
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:19 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://idsync.rlcdn.com/398696.gif?partner_uid=-6483081364490859273
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 3C04
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=AFBA16B642174534BBF3EC6890DF6BFE&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=AFBA16B642174534BBF3EC6890DF6BFE&j=0&xl8blockcheck=1

0
755 B

42ms
42ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=AFBA16B642174534BBF3EC6890DF6BFE&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=AFBA16B642174534BBF3EC6890DF6BFE&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ Frame 3C04 43 B
409 B 19ms
18ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 3C04
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=AFBA16B642174534BBF3EC6890DF6BFE

0
421 B

406ms
98ms

Image
text/plain

3.223.82.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=AFBA16B642174534BBF3EC6890DF6BFE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.82.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-82-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 16 Jun 2021 17:48:20 GMT

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=AFBA16B642174534BBF3EC6890DF6BFE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/ Frame 3C04
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=AFBA16B642174534BBF3EC6890DF6BFE

62 B
745 B

147ms
147ms

Image
image/gif

23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=AFBA16B642174534BBF3EC6890DF6BFE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:20 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: fa57
Content-Type: image/gif

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=AFBA16B642174534BBF3EC6890DF6BFE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2

200

tpid=AFBA16B642174534BBF3EC6890DF6BFE
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame 3C04
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AFBA16B642174534BBF3EC6890DF6BFE
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=AFBA16B642174534BBF3EC6890DF6BFE

49 B
711 B

43ms
43ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=AFBA16B642174534BBF3EC6890DF6BFE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:20 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.28
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:19 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=AFBA16B642174534BBF3EC6890DF6BFE
cache-control: no-cache
x-server: 10.45.24.198
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 3C04
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=AFBA16B642174534BBF3EC6890DF6BFE
https://ce.lijit.com/merge?pid=2&3pid=AFBA16B642174534BBF3EC6890DF6BFE&dnr=1

0
433 B

22ms
13ms

Image
text/plain

216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=AFBA16B642174534BBF3EC6890DF6BFE&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=AFBA16B642174534BBF3EC6890DF6BFE&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame 3C04
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=AFBA16B642174534BBF3EC6890DF6BFE

0
42 B

14ms
14ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=AFBA16B642174534BBF3EC6890DF6BFE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=AFBA16B642174534BBF3EC6890DF6BFE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/ Frame 3C04
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1623865699753&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=16488712&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie...
https://www.google.com/pagead/1p-conversion/1026675585/?random=16488712&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
https://www.google.de/pagead/1p-conversion/1026675585/?random=16488712&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1...

42 B
108 B

20ms
19ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=16488712&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YznKYKjFL8yIrATGna_ACg&random=3559159&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=16488712&cv=7&fst=1623865699753&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YznKYKjFL8yIrATGna_ACg&random=3559159&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 3C04
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AFBA16B642174534BBF3EC6890DF6BFE
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AFBA16B642174534BBF3EC6890DF6BFE&__user_check__=1&sync_id=099bd6d8-cecb-11eb-830d-1bce7de30206

43 B
547 B

17ms
17ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AFBA16B642174534BBF3EC6890DF6BFE&__user_check__=1&sync_id=099bd6d8-cecb-11eb-830d-1bce7de30206
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 17:48:20 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 2
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 16 Jun 2021 17:48:19 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=AFBA16B642174534BBF3EC6890DF6BFE&__user_check__=1&sync_id=099bd6d8-cecb-11eb-830d-1bce7de30206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 95
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 3C04
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=AFBA16B642174534BBF3EC6890DF6BFE
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DAFBA16B642174534BBF3EC6890DF6BFE

43 B
1 KB

16ms
15ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DAFBA16B642174534BBF3EC6890DF6BFE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:20 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.51:80
AN-X-Request-Uuid: 39f86f2d-8992-4fc9-87a0-82861a52f3b3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 17:48:19 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.39:80
AN-X-Request-Uuid: da5b3b93-6a0a-4981-9760-8d7a600f441e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DAFBA16B642174534BBF3EC6890DF6BFE
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3C04
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AFBA16B642174534BBF3EC6890DF6BFE&expires=365

0
239 B

23ms
23ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AFBA16B642174534BBF3EC6890DF6BFE&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AFBA16B642174534BBF3EC6890DF6BFE&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 15 Jun 2021 17:48:19 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3C04
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=AFBA16B642174534BBF3EC6890DF6BFE
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=AFBA16B642174534BBF3EC6890DF6BFE

43 B
180 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=AFBA16B642174534BBF3EC6890DF6BFE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:20 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=AFBA16B642174534BBF3EC6890DF6BFE
date: Wed, 16 Jun 2021 17:48:20 GMT
via: 1.1 google
server: OXGW/16.208.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/ Frame 3C04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEAu3YXK34_CRO78t83lwS7M&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFBA16B642174534BBF3EC6890DF6BFE
https://um.simpli.fi/g_match?id=

0
320 B

24ms
18ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 17:48:19 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 15 Jun 2021 17:48:19 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Jun 2021 17:48:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzS1NDexNLU0MjcyNDAzMBTiM9QtKPVwtnT18jIxzIwHAE1ppJ0lAAAA
.rfihub.com/	1970-01-20 04:26:01	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzS1NDexNLU0MjcyNDAzMBTiM9QtKPVwtnT18jIxzIyX4jU0MzK2MDM1s7QwNDMBAHi1Qk40AAAA
.segmint.net/	1970-01-21 14:52:25	Name: SegmintId Value: c298e0968424459ea618b131c5059d26
.farmersbankgroup.com/	1970-01-19 19:04:25	Name: _gat_gtag_UA_55030730_1 Value: 1
.rfihub.com/	1970-01-20 04:26:01	Name: eud Value: H4sIAAAAAAAAAJvFyGtoZmRsYWZqZmlhaGG-Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwsq_xYafxMrmnncaO5H4y8SRuU_QuMDAC3ggnQwAQAA
.farmersbankgroup.com/	1970-01-20 12:35:37	Name: _ga Value: GA1.2.1768344358.1623865697
farmersbankgroup.com/	1970-01-20 03:50:01	Name: brandcdn_uid Value: 09af25c2-1149-4851-9e23-9687b6500728
.farmersbankgroup.com/	1970-01-19 19:05:52	Name: _gid Value: GA1.2.1024395131.1623865697

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20813985p.rfihub.com
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ads.yahoo.com
adservice.google.com
adservice.google.de
adservices.brandcdn.com
bcp.crwdcntrl.net
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdn.segmint.net
ce.lijit.com
cm.g.doubleclick.net
connect.segmint.net
contextual.media.net
d.agkn.com
d1eoo1tco6rr5e.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
farmersbankgroup.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
live.rezync.com
loadm.exelator.com
maprtb.segmint.net
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
pixel.tapad.com
ps.eyeota.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync-tm.everesttech.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.brandcdn.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
web6.secureinternetbank.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
107.162.136.239
142.250.185.230
142.250.186.162
143.204.98.21
151.101.114.49
159.253.128.183
169.50.137.176
18.144.113.157
18.194.175.178
185.94.180.125
192.124.249.117
193.0.160.128
2.18.234.21
2.18.235.93
216.52.2.19
216.58.212.162
23.45.99.241
2600:1901:0:8eee::
2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37
2600:9000:20eb:5200:7:e536:8b00:93a1
2600:9000:21f3:4a00:1:76cf:fe80:93a1
2a00:1288:80:800::7001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200e
3.121.27.153
3.215.91.73
3.223.82.72
34.254.143.3
34.98.64.218
35.176.232.241
35.227.248.159
35.244.174.68
37.252.172.249
52.209.141.237
52.30.140.199
52.58.46.39
52.73.56.169
54.93.69.146
65.9.82.39
65.9.82.48
69.173.144.139
99.80.189.193
99.80.93.68
99.86.243.202
00cabef70af80ca1622f1f407b76740645e50e372eed8a94bffec07709fa4f84
04f3e71d2befbcb9f523732405493a0130563db4e6fd5cd18e0a1a22fb9283c5
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f36d43f0421b7eb129ecb1178b325d19810f821c3199ee489592b01eb2f1408
15639374d6c52afcd0a5939540cf7d74aff38d80e7161cfc7104b8712bb8dda1
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132
20fbe251f4ac8f65e69947ce090f3e75c2a20d24c2ac00e80fc878bfc122e87c
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
28a0d6766f3a164cdd35372bfb55506fbbff59aed4d5e01956cda81b14bb8ba7
299fbf24d005e5db102329ef38f3bca5b3d95b6d709568955bc95d612efb45f0
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f26cf07878a5ee47a07fa263e683b1228ae27c3aacabc72aa44825b98ea1781
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31f85b3a88b2686a4b96555f83a9d8d0e846d759d2b3099d13eb958aee4bcc14
3874fdb2d36b211e83057d20ff1ec951b4c65610057415f5085a91364371e7b2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee77b180fbe820e6382c5b6eae0b41500dffd93c9e0154f4b1df0a9305f4bcf
41d3c2e9c1e4997f15be9c896ad72e595c2634039f59e09114fd758cb7cc9ad5
44d270dacb43220df4f8b49aedb5f91beab5dc281d522d6b1d707db023f738a3
451dad3dfc12bb5652e7600fa6ba6a2d49d804d10768758940be9fee8cf04399
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a7032a50a7ddba6108096d5b6f900cfd310c3e5f366dc90fa5529103ee558c7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4775fa7f7cf803229c61e0b064ea0a111e4d9e2439a0f5e7b3a2cfd25930cb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
653757c0be5caf84b5195fa409a4aad53bbf592dd151d689914bbf62227bd293
65ae6cedface7d775c387709e5496a942bf021ced1b9046755518485f6ee10aa
6abf7723f78a665a780f3788e37e026ad34a0d349dcd031c049255378fda1c96
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9d177636df0be9f95139556c3c3354b66920c1e20085341c3c3bafb996d994
6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe
75b6abcce1556692073a9674d17cd9ecc155c3a8f4c93d32866446e0e927888e
78df6c1c8313db8d4da20cdda24ad97da4b884263974316cd07dc5566a98979b
7b11e2a2f1612bc0f8eb85dc378a4ac8733ff2421ad01e7dcf618cfdad4d013b
7bc0ef0af898d2792e44796f40ce530d7da9358b2b439a64b76a947d5d5d9bb0
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8887ee6124505baca5f779f8f408c9d85fce3aba6c02587b652e39a37ed5374f
8978f228a436d3f659c45c47d739823a3b1316b05ebe636e9be301f0f271c7b5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ebe81997d09d4d752db1c49a2b34f698bb618800e82912808bcdc0100be5d4d
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07e83984ae83869337b5561c8edcffa299e30afdf4a5da6da2e670e1af1e0c7
aac147e0ed5dfbfd733db0a8fd5ddcb26c7673de2f429ff9f24306b1506d1819
aad5b4a87e440a2850db054933c5e5a05d5e4f1bc5f6c02199f413fbec7cfccc
ad1dbb9125240f5ab54bee44886e98eecd27186c13c453961467fa0b60076bbd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21614b2f542aa6c78b69d38479b0f43e822bd50c72fbaeb8d4d38cac54ed4e7
b28a1ab42d6cf7f239a624541ac8609232cbb127eb1cb99c8937d924c5b14a99
b367710439916328be40726fd26ca32e57c557cf9c1dc337cd67404d890e64fb
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
bcd4f9ce60284e8830f1cdcf88cdd0678160555b3a616bd179c93ac8487a3529
c1ff4d4a751b5480ef72c9fa94a7250c9ad32d92d0df4ac003b59ef3630070d9
c2f4f41ff75efa8d3da61bb3bdd9b67211af6a870c4e52c05c082844b1a68e31
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d50d241c1916af2820f6b4cdb3618f83be10c8c94eab3113434f3f7769f5f21c
d5d058175811968bdb8297b2bba52dd080c173d095b2b063fd47a8840ab5043a
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
db01d5c4b03a3b7ff639df6de4dee2619811d62e87bc7acd0f6c861c2566508d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c8e0923a83f9c6982645ccb1af6c36640fd551959ec6d37076943831136d0c
f4f686558e91f9d8b396d13a42e218e7a33ef391c97fb68de337af804592169c
f930c8de422b471088767835d0e368adacd6a07229c1b59d84fb4f29de222839
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

farmersbankgroup.com Open in urlscan Pro 192.124.249.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

100 %HTTPS

29 %IPv6

44 Domains

57 Subdomains

41 IPs

5 Countries

4112 kBTransfer

5031 kBSize

8 Cookies

11 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

farmersbankgroup.com Open in urlscan Pro
192.124.249.117 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

100 %
HTTPS

29 %
IPv6

44
Domains

57
Subdomains

41
IPs

5
Countries

4112 kB
Transfer

5031 kB
Size

8
Cookies

107 HTTP transactions
0 data transactions