midlandsb.brunocosta.agency Open in urlscan Pro
2606:4700::6812:f001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://midlandsb.brunocosta.agency/login/popup
Submission: On March 31 via automatic, source phishtank (March 31st 2022, 4:07:31 am UTC) — Scanned from DE

Summary HTTP 131 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 23 domains to perform 131 HTTP transactions. The main IP is 2606:4700::6812:f001, located in United States and belongs to CLOUDFLARENET, US. The main domain is midlandsb.brunocosta.agency.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time midlandsb.brunocosta.agency was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
79	2606:4700::68... 2606:4700::6812:f001	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	34.204.222.125 34.204.222.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:206... 2600:9000:206f:fa00:7:e536:8b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	107.23.44.14 107.23.44.14	14618 (AMAZON-AES) (AMAZON-AES)
2 6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	143.204.205.113 143.204.205.113	16509 (AMAZON-02) (AMAZON-02)
3	52.8.106.50 52.8.106.50	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.66.123 65.9.66.123	16509 (AMAZON-02) (AMAZON-02)
1	108.157.1.118 108.157.1.118	16509 (AMAZON-02) (AMAZON-02)
2 4	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.7.16 99.86.7.16	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	108.157.4.53 108.157.4.53	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.80.161.153 99.80.161.153	16509 (AMAZON-02) (AMAZON-02)
1	54.229.132.122 54.229.132.122	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
131	30

79 2606:4700::6812:f001 (United States)

ASN13335 (CLOUDFLARENET, US)

midlandsb.brunocosta.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.204.222.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-222-125.compute-1.amazonaws.com

www.midlandsb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:fa00:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.23.44.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-44-14.compute-1.amazonaws.com

detectca.easysol.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.205.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-113.fra53.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.8.106.50 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-106-50.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-16.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-53.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.161.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.132.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-132-122.eu-west-1.compute.amazonaws.com

ws31.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	brunocosta.agency midlandsb.brunocosta.agency	358 KB
7	adsrvr.org 2 redirects insight.adsrvr.org — Cisco Umbrella Rank: 591 js.adsrvr.org — Cisco Umbrella Rank: 1585	4 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 624 script.hotjar.com — Cisco Umbrella Rank: 958 vars.hotjar.com — Cisco Umbrella Rank: 1008 in.hotjar.com — Cisco Umbrella Rank: 1743 ws31.hotjar.com — Cisco Umbrella Rank: 63469	66 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 385 www.linkedin.com — Cisco Umbrella Rank: 595 px4.ads.linkedin.com — Cisco Umbrella Rank: 4868	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
4	brandcdn.com tag.brandcdn.com — Cisco Umbrella Rank: 19738 adservices.brandcdn.com — Cisco Umbrella Rank: 12698	5 KB
4	midlandsb.com www.midlandsb.com	6 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	489 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	134 KB
3	easysol.net detectca.easysol.net — Cisco Umbrella Rank: 60112	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5640	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 7	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	2 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3356	191 B
2	basis.net 2 redirects pixel-a.basis.net — Cisco Umbrella Rank: 17554	132 B
2	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	138 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 367	716 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 396	14 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 938	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1445	40 KB
131	23

	Domain	Requested by
79	midlandsb.brunocosta.agency	midlandsb.brunocosta.agency
6	insight.adsrvr.org	2 redirects midlandsb.brunocosta.agency d1eoo1tco6rr5e.cloudfront.net js.adsrvr.org
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.midlandsb.com	midlandsb.brunocosta.agency
3	www.facebook.com	midlandsb.brunocosta.agency
3	bat.bing.com	www.googletagmanager.com bat.bing.com midlandsb.brunocosta.agency
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	adservices.brandcdn.com	tag.brandcdn.com adservices.brandcdn.com
3	detectca.easysol.net	midlandsb.brunocosta.agency
2	www.google.de	midlandsb.brunocosta.agency
2	www.google.com	midlandsb.brunocosta.agency
2	px.ads.linkedin.com	2 redirects
2	pixel.sitescout.com	midlandsb.brunocosta.agency
2	pixel-a.basis.net	2 redirects
2	d1eoo1tco6rr5e.cloudfront.net	tag.brandcdn.com
2	www.googletagmanager.com	midlandsb.brunocosta.agency www.googletagmanager.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	midlandsb.brunocosta.agency
1	ws31.hotjar.com	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	midlandsb.brunocosta.agency
1	www.linkedin.com	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	tag.brandcdn.com	midlandsb.brunocosta.agency
1	www.googleoptimize.com	midlandsb.brunocosta.agency
131	32

This site contains links to these domains. Also see Links.

Domain
midlandstatesbank.btbanking.com
estatements.midlandstatesbank.com
www.myaccountaccess.com
clientpoint.fisglobal.com
clientaccess.rjf.com
rtd.retirement.schwabrt.com
www.go-retire.com
www.pcs401k.com
www.midlandstatesbank.com
www.midlandsb.com
lending.midlandsb.com
orderpoint.deluxe.com
smartpay.profitstars.com
www.deluxe.com
investoraccess.rjf.com
midlandsb.everfi-next.net
investors.midlandsb.com
www.midlandtc.com
www.midlandinstitute.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.midlandsb.com DigiCert SHA2 Extended Validation Server CA	`2021-03-19` - `2022-04-19`	a year	crt.sh
*.brandcdn.com Amazon	`2021-10-01` - `2022-10-30`	a year	crt.sh
*.easysol.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-31` - `2022-08-31`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-07` - `2022-04-07`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://midlandsb.brunocosta.agency/login/popup
Frame ID: 66252CAB00706AEA9B776C337BBC8156
Requests: 124 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/92haizz/abaz4ng/iframe
Frame ID: DC0B574D585F91C792BA5FB22EDCE2EE
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/92haizz/63bg1so/iframe
Frame ID: EA3C143936D6ADA5F939B2A9752D07B6
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: CE7C0A1D90EDEB426F830BA6D95BC80F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 62E35A7A34EEA3CD2DA8F5D04D77503E
Requests: 1 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=112405&cv_ck=c856a7cb-be13-4cbd-bcfc-839b9b8e80e0&m=midlandsb.brunocosta.agency&r=
Frame ID: 0AA590B037C09C98DCFD9806C9F378BD
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=zkk4k5i&ref=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&upid=pe180x0&upv=1.1.0
Frame ID: F0F80AF149483875FFA97E7C63381FC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Midland States Bank

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

drupal\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

98 %
HTTPS

47 %
IPv6

23
Domains

32
Subdomains

30
IPs

5
Countries

824 kB
Transfer

2450 kB
Size

28
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://midlandstatesbank.btbanking.com/onlineserv/CM/
Title: Business Banking

Search URL Search Domain Scan URL

URL: https://estatements.midlandstatesbank.com/login.jsp
Title: Mortgage Statements

Search URL Search Domain Scan URL

URL: https://www.myaccountaccess.com/onlineCard/login.do
Title: Credit Card Logins

Search URL Search Domain Scan URL

URL: https://clientpoint.fisglobal.com/tdcb/main/UserLogon?bankNumber=7B&subProduct=
Title: Wealth - Trust & Investment

Search URL Search Domain Scan URL

URL: https://clientaccess.rjf.com/
Title: Wealth - Raymond James

Search URL Search Domain Scan URL

URL: https://rtd.retirement.schwabrt.com/participant/
Title: Wealth - (RPS)Retirement Direct

Search URL Search Domain Scan URL

URL: https://www.go-retire.com/midlandsb
Title: Wealth - (RPS)Epic Advisor

Search URL Search Domain Scan URL

URL: https://www.pcs401k.com/midlandsb
Title: Wealth - (RPS) PCS

Search URL Search Domain Scan URL

URL: https://www.midlandstatesbank.com/tob/live/usp-core/app/register
Title: Enroll in Online Banking

Search URL Search Domain Scan URL

URL: https://www.midlandstatesbank.com/tob/live/usp-core/app/authUpdate
Title: Forget Your Password?

Search URL Search Domain Scan URL

URL: https://www.midlandsb.com/online-banking/open-an-account
Title: Open An Account

Search URL Search Domain Scan URL

URL: https://www.midlandsb.com/personal-loans
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://lending.midlandsb.com/#/milestones?loanType=MORTGAGE
Title: Get a Mortgage Loan

Search URL Search Domain Scan URL

URL: https://orderpoint.deluxe.com/personal-checks/welcome.htm
Title: Reorder Checks

Search URL Search Domain Scan URL

URL: https://smartpay.profitstars.com/express/MSB?returnUrl=https%3A//smartpay.profitstars.com%3A443/express/MSB/Lookup/&locationId=2187025
Title: Express Payments

Search URL Search Domain Scan URL

URL: https://www.midlandsb.com/business-online-account-opening
Title: Open An Account

Search URL Search Domain Scan URL

URL: https://www.deluxe.com/shopdeluxe/home
Title: Reorder Business Checks

Search URL Search Domain Scan URL

URL: https://investoraccess.rjf.com/
Title: Raymond James

Search URL Search Domain Scan URL

URL: https://rtd.retirement.schwabrt.com/participant/login?planCode=3HF
Title: RPS - Retirement Direct

Search URL Search Domain Scan URL

URL: https://midlandsb.everfi-next.net/student/dashboard/financialeducation/midland-sb-owning-home/1456#considering-home-ownership
Title: Considering Homeownership

Search URL Search Domain Scan URL

URL: https://midlandsb.everfi-next.net/student/dashboard/financialeducation/midland-sb-owning-home/1694#buying-home
Title: Guide to Buying a Home

Search URL Search Domain Scan URL

URL: https://investors.midlandsb.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://www.midlandtc.com/
Title: Midland Trust Company

Search URL Search Domain Scan URL

URL: https://www.midlandinstitute.com/
Title: Midland Institute for Entrepreneurship

Search URL Search Domain Scan URL

URL: https://www.midlandsb.com/statement-partial-conformance-midland-states-bank
Title: Statement of Initial Accessibility

Search URL Search Domain Scan URL

URL: https://www.facebook.com/midlandstatesbank/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/midland-states-bank

Search URL Search Domain Scan URL

URL: https://twitter.com/Wearemidlandsb

Search URL Search Domain Scan URL

URL: https://www.instagram.com/midlandstatesbank/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://insight.adsrvr.org/tags/92haizz/abaz4ng/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/92haizz/abaz4ng/iframe

Request Chain 83

https://insight.adsrvr.org/tags/92haizz/63bg1so/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/92haizz/63bg1so/iframe

Request Chain 100

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 101

https://pixel-a.basis.net/iap/60eac7bc84faf84b HTTP 301
https://pixel.sitescout.com/iap/60eac7bc84faf84b

Request Chain 107

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3641801&time=1648699645932&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3641801%26time%3D1648699645932%26url%3Dhttps%253A%252F%252Fmidlandsb.brunocosta.agency%252Flogin%252Fpopup%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3641801&time=1648699645932&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3641801&time=1648699645932&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&liSync=true&e_ipv6=AQIHVujwfDKwzwAAAX_eKB53ltn29RQraKimpZ15j0KYVWC2Rv8Po9Cl6_e9Q92nSY64_82qCCqRxyQc2r0NJNG0lr2bxg

131 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request popup Show response
midlandsb.brunocosta.agency/login/ 60 KB
16 KB 95ms
28ms Document
text/html 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

429d12a454befd051d12be9c59803746616f252b8a4857458588cf4d761be90f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 1601
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 6f4637ca7898997a-FRA
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
date: Thu, 31 Mar 2022 04:07:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 31 Mar 2022 08:07:24 GMT
last-modified: Thu, 31 Mar 2022 03:40:43 GMT
link: <https://www.midlandsb.com/login/popup>; rel="canonical"
permissions-policy: interest-cohort=()
server: cloudflare
strict-transport-security: max-age=1000; includeSubDomains
vary: Accept-Encoding, Accept-Encoding,Host
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-576065fe-b0a4-11ec-928f-7bca68d0ea32
x-ua-compatible: IE=edge
x-xss-protection: 1

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 110 KB
40 KB 89ms
34ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5GW3X3P

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

329447027e4b352bbfbe27ce1dc68429660da984330ad530ec2a895d2cd7d406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40360
x-xss-protection: 0
expires: Thu, 31 Mar 2022 04:07:24 GMT

GET
H2 200 align.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 255 B
235 B 28ms
26ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/align.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2e3a7970d736a77b9c069b04dc19f6ef3051045ef546b7edd1ff8731c2acde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=484
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 37253
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae70468-a067-11ec-abf2-1f103e47744d
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637cad907997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 fieldgroup.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 37 B
281 B 26ms
23ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/fieldgroup.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04d90a369ebc11b0d43aa5710cab8a1b7b458eb51540eda5be7ad8db0b3ea33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=95
x-cache: HIT
x-cache-hits: 36995
x-ah-environment: prod
content-length: 37
x-request-id: v-bae772d6-a067-11ec-939d-3302ae825326
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
expires: Thu, 14 Apr 2022 04:07:24 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cae908997a-FRA
cf-bgj: minify

GET
H2 200 container-inline.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 155 B
212 B 27ms
24ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/container-inline.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccbf78be3654e960477e90e268d70573a1b248585175c7e270ad616318d63f9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=275
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36926
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae7b6b0-a067-11ec-b9c1-4b75a9d53926
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637cae90a997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 clearfix.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 52 B
180 B 33ms
28ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/clearfix.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

754a12dd8ae22818cfa8abe328bc0b605bb92fff540270b062cab041233c2f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=306
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36853
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae7f990-a067-11ec-9ed8-bf59f0c300b8
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637cae914997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 details.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 54 B
180 B 30ms
26ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/details.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c81aa3671a3c8d52a54a2ba91802d0984011a5907fdc00461e0caca8b5ba975

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=127
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36829
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae87082-a067-11ec-a727-3796e13f4c77
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637cae916997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 hidden.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 319 B
298 B 35ms
31ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/hidden.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e5db09dad1ee1a5a776c1f0b67fd42315f848265c3a856068e56ad73e48ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=1359
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36818
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae8beb6-a067-11ec-a3d4-bf09dedef03c
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637cae91a997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 item-list.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 205 B
226 B 31ms
27ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/item-list.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054123763da10810cbbd026a3f11e365b246d89b9701d07a8776afc87a4675cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=285
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36808
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae8ba74-a067-11ec-9e4b-9306d3d327ee
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637cae91b997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 js.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 75 B
197 B 34ms
30ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/js.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0435814fc17e1232f7a1ce3d1ada57a41fd4d7fce5287826c83de1db26b475e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=402
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36822
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae8eec2-a067-11ec-a03e-bf5b5aabb345
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637cae91c997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 nowrap.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 27 B
141 B 30ms
26ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/nowrap.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d941e59e932f8cc684b36597b53a3e981ffc68dab4984afff223d985cd507c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=96
x-cache: HIT
x-cache-hits: 36812
x-ah-environment: prod
content-length: 27
x-request-id: v-bae9309e-a067-11ec-a97f-fbea7c97b685
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
expires: Thu, 14 Apr 2022 04:07:24 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cae91d997a-FRA
cf-bgj: minify

GET
H2 200 position-container.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 38 B
142 B 30ms
26ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/position-container.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a189f9e003a4486a75939a97b000cc9f9a00e04a25bb8d423a9c1e3bfd385b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=95
x-cache: HIT
x-cache-hits: 36810
x-ah-environment: prod
content-length: 38
x-request-id: v-bae938e6-a067-11ec-b296-e37cd440307d
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
expires: Thu, 14 Apr 2022 04:07:24 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cae91e997a-FRA
cf-bgj: minify

GET
H2 200 progress.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 603 B
426 B 41ms
37ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/progress.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eebb7e004629d956e810f39eca97c536eeddc2ee2d601d4a47a388ccfe61f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=825
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36858
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae9718a-a067-11ec-8619-e329fcfdac41
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf92f997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 reset-appearance.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 142 B
226 B 42ms
38ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/reset-appearance.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b09b38c6e38cdc7981e573f3237ec1ea1347e1f47d5de72cac87e71e60303cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=274
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36823
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-bae9aa60-a067-11ec-8762-e375b92119ae
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf931997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 resize.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 180 B
327 B 42ms
38ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/resize.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43180fc933cf2814989830ef9cd4fe733f9375d2d293833a971374487d31c830

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=270
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36855
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-baea08a2-a067-11ec-93bd-47837252d47e
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf932997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 sticky-header.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 73 B
199 B 44ms
41ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/sticky-header.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebdc917da1f7852a04dcbd60694fc8c2ea50a7a25a94bb9858383ccdcd750eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=163
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36866
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-baea0cda-a067-11ec-8b05-73ab64449cd4
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf933997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 system-status-counter.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 615 B
476 B 42ms
39ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/system-status-counter.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ab552b917932778a3cb202e5c874a661aac2f6b050201e3b5fe033095d70ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=761
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36883
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3c6356-a067-11ec-bf5f-33adbcf1deca
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf934997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 system-status-report-counters.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 397 B
350 B 42ms
39ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/system-status-report-counters.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142dd3a16aabdf975e6c3d327cd0892021d703f614e94db06cc8bc15a3ed527a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=557
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36930
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3c9e8e-a067-11ec-ad99-5f666c7dfe2f
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf935997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 system-status-report-general-info.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 158 B
233 B 43ms
40ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/system-status-report-general-info.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478343a40a73e7afedde1d34a0531f3d525967e39e2eabb405db4bf6f812c679

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=255
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36909
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3cf690-a067-11ec-8793-13ff119b4557
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf936997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 tablesort.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 245 B
262 B 42ms
39ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/tablesort.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23fcb237f98618bdf3058ece5f7dac84eb885a22cecdf1485cc6f5e8c6818453

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=365
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36907
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-baea7b34-a067-11ec-8747-f372dbf92286
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf937997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 tree-child.module.css
midlandsb.brunocosta.agency/core/modules/system/css/components/ 349 B
265 B 44ms
42ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/system/css/components/tree-child.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff920a0b9304131aab47c3fd9c8d2d219ec0594e4ba8d6d01c4f39f3b63534df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=466
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36857
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-baea8296-a067-11ec-9522-e36a57ff350b
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf939997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 views.module.css
midlandsb.brunocosta.agency/core/modules/views/css/ 265 B
260 B 43ms
41ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/modules/views/css/views.module.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b08e2033838fcdcb043e3bc1e0d958fe38b9e05bffd7297a25a27ef1fb2466

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=434
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36901
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3d7d0e-a067-11ec-9f8b-4b6d26898162
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf93d997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 eu_cookie_compliance.css
midlandsb.brunocosta.agency/modules/contrib/eu_cookie_compliance/css/ 5 KB
1 KB 45ms
42ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/modules/contrib/eu_cookie_compliance/css/eu_cookie_compliance.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35357da85d674e44dd9d0bcf27d335af33385f0229298bad5cd76598aa74a921

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=5884
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36928
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-baecad28-a067-11ec-9be0-1ba8617e9b5e
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf93e997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 paragraphs.unpublished.css
midlandsb.brunocosta.agency/modules/contrib/paragraphs/css/ 49 B
284 B 45ms
43ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/modules/contrib/paragraphs/css/paragraphs.unpublished.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb16eb5e180d8c6a8a15c25a47cfe8a72ccca6c4a497cb607acfecf5f3f1b8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=57
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36910
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3def96-a067-11ec-8ec0-b73249362ae9
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf940997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 slick.css
midlandsb.brunocosta.agency/themes/midland/css/ 1 KB
585 B 43ms
41ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/slick.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00a269606af95f52ce213e5096cc3a079d73522bc4e3c398789038666bb1454a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=1729
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36932
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3e5e72-a067-11ec-9c0f-1b69cea71b13
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf941997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 slick-theme.css
midlandsb.brunocosta.agency/themes/midland/css/ 2 KB
922 B 44ms
42ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/slick-theme.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b705b26a49eeaeac2264a7d5c990e0ca3925ae4a3d9975efec3e124c8166ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=3128
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36971
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3e9f22-a067-11ec-9ba0-57937e787a1b
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf942997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 icons.css
midlandsb.brunocosta.agency/themes/midland/css/ 1 KB
590 B 42ms
40ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/icons.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57e4175f47ec15d8421dc6bca6a65024644eb30a893ca07e07ec2ebf79c94d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=1458
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36937
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3eb05c-a067-11ec-bf37-1f31d0a84804
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf944997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 style.css
midlandsb.brunocosta.agency/themes/midland/css/ 216 KB
34 KB 47ms
46ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f480d56ea3cda8f289c05f6926ce6e0e2384c1c3be649523c8f435691aafece0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=272207
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 37969
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3ef77e-a067-11ec-b5b7-8bd672f1422c
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf945997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 hacks.midland.css
midlandsb.brunocosta.agency/themes/midland/css/ 12 KB
3 KB 46ms
45ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/hacks.midland.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ad492ee02ae1d814daf040151e66e2b14210545b01e69435aec215f655707b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=14344
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 37036
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3f1074-a067-11ec-bc69-cf412f635df9
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf946997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 SkipTo.css
midlandsb.brunocosta.agency/themes/midland/css/ 5 KB
1 KB 43ms
41ms Stylesheet
text/css 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/SkipTo.css?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09d82bd143f44cec6137cf9338320505b6f98fb99024ccfe00cb0b6626163636

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
cf-polished: origSize=5206
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36945
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be3f6bfa-a067-11ec-9170-039aa7244339
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 6f4637caf947997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 logo.svg
midlandsb.brunocosta.agency/themes/midland/ 13 KB
3 KB 51ms
47ms Image
image/svg+xml 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midlandsb.brunocosta.agency/themes/midland/logo.svg

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f4d83cd5d9508a022764dd99ddaadef39fe5e8b382f40529a44e0d0fc0e8b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1412
x-cache: HIT
x-cache-hits: 36792
x-ah-environment: prod
content-length: 3391
x-request-id: v-a8875d66-a032-11ec-8d59-b3289dbcc32c
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: image/svg+xml
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc1a88997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 open%20an%20account.webp
www.midlandsb.com/sites/default/files/ 1 KB
1 KB 1140ms
104ms Image
image/webp 34.204.222.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.midlandsb.com/sites/default/files/open%20an%20account.webp

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.222.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-222-125.compute-1.amazonaws.com

Software

nginx /

Resource Hash

252ed92c388e05a090af00a6d7e2ce1d32ea79e176d3ce0ed562047a6f652425

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599960
x-cache: HIT
x-cache-hits: 36712
x-ah-environment: prod
content-length: 1190
x-request-id: v-a8874434-a032-11ec-844a-5bd7cbc954ba
last-modified: Thu, 02 Dec 2021 05:43:55 GMT
server: nginx
vary: Accept-Encoding, Host
content-type: image/webp
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 07 Apr 2022 05:28:04 GMT

GET
H2 200 call.webp
www.midlandsb.com/sites/default/files/ 2 KB
3 KB 1140ms
104ms Image
image/webp 34.204.222.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.midlandsb.com/sites/default/files/call.webp

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.222.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-222-125.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a03bfbcaab15506dbe64b4a071ff984be0e0c4b226101a08c9db3d61fd9a06c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599960
x-cache: HIT
x-cache-hits: 36724
x-ah-environment: prod
content-length: 2392
x-request-id: v-a8878a8e-a032-11ec-af48-9fc4eb1dde28
last-modified: Thu, 02 Dec 2021 06:32:39 GMT
server: nginx
vary: Accept-Encoding, Host
content-type: image/webp
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 07 Apr 2022 05:28:04 GMT

GET
H2 200 Home.webp
www.midlandsb.com/sites/default/files/ 1 KB
2 KB 1240ms
204ms Image
image/webp 34.204.222.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.midlandsb.com/sites/default/files/Home.webp

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.222.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-222-125.compute-1.amazonaws.com

Software

nginx /

Resource Hash

40cbaa302e63d0b2b827385b88fc70ffbeb33f1f2c1ec849e56506e5f66ea60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599960
x-cache: HIT
x-cache-hits: 36679
x-ah-environment: prod
content-length: 1472
x-request-id: v-a88793d0-a032-11ec-813b-a360b9338eac
last-modified: Thu, 02 Dec 2021 05:45:04 GMT
server: nginx
vary: Accept-Encoding, Host
content-type: image/webp
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 07 Apr 2022 05:28:04 GMT

GET
H2 200 footer_logo.webp
www.midlandsb.com/sites/default/files/ 146 B
465 B 1240ms
205ms Image
image/webp 34.204.222.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.midlandsb.com/sites/default/files/footer_logo.webp

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.222.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-222-125.compute-1.amazonaws.com

Software

nginx /

Resource Hash

906082abd4b33d0c13248ff104780fb65afc3c31709eb2f05103dc4280b7e590

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
via: varnish
x-content-type-options: nosniff
age: 599960
x-cache: HIT
x-cache-hits: 36687
x-ah-environment: prod
content-length: 146
x-request-id: v-a8878ba6-a032-11ec-9d5d-bfaf6f6418bc
last-modified: Thu, 02 Dec 2021 05:41:01 GMT
server: nginx
vary: Accept-Encoding, Host
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 07 Apr 2022 05:28:04 GMT

GET
H2 200 borders.js Show response
midlandsb.brunocosta.agency/themes/midland/js/ 1 KB
555 B 26ms
25ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/js/borders.js

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e11d6728e7f90ebb51f2ad77689c17632867dfd1fd3202126cd3f9b80cf22d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1411
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36858
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-a887b05e-a032-11ec-8619-37a60a2f10ea
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cb397a997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 Midland_States_Bank.js Show response
tag.brandcdn.com/autoscript/midlandstatesbank_vfzsrmvvnuvrveu9/ 1 KB
1 KB 111ms
18ms Script
text/javascript 2600:9000:206f:fa00:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/midlandstatesbank_vfzsrmvvnuvrveu9/Midland_States_Bank.js
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8da73251fd28e1938c86b9ca4e57773b2e8fbc46c87a35416b4ae58010576549

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 07:58:57 GMT
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 02:26:11 GMT
server: AmazonS3
age: 72508
etag: "509ab8fc5183d6844f3dbb9c20d4e105"
x-cache: Hit from cloudfront
x-amz-version-id: F2QCmSqFqDszY_eHFG2Vwwdz5MHvckoN
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 1109
x-amz-cf-id: Sjm29DPPVPxQtQR5iP2w33J8V9STHXVo_DSR_dUI179MCfp9JJArsw==

GET
H2 200 jquery.min.js Show response
midlandsb.brunocosta.agency/core/assets/vendor/jquery/ 87 KB
30 KB 26ms
25ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/assets/vendor/jquery/jquery.min.js?v=3.6.0

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 37440
x-ah-environment: prod
content-length: 30902
x-request-id: v-a887b18a-a032-11ec-9cee-cb21a4cf5e88
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cba9f2997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 element.matches.js Show response
midlandsb.brunocosta.agency/core/misc/polyfills/ 135 B
233 B 34ms
28ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/misc/polyfills/element.matches.js?v=9.3.6

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd6ac65cc62dd328be8a4406eb75017ea38efca8950da067f86b7c89ed3bf7b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=285
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 37316
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e6ea4bcc-a032-11ec-a5ba-4397739d5a6f
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa3b997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 object.assign.js Show response
midlandsb.brunocosta.agency/core/misc/polyfills/ 558 B
442 B 30ms
22ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/misc/polyfills/object.assign.js?v=9.3.6

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d9520c68c06b18b29c1070192a5117ea9576092e29354341b76879652e10825

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1411
cf-polished: origSize=922
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 37289
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e6ea9a50-a032-11ec-bb4d-2f975659ee5a
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa3d997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 css.escape.js Show response
midlandsb.brunocosta.agency/core/assets/vendor/css-escape/ 1 KB
684 B 31ms
24ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/assets/vendor/css-escape/css.escape.js?v=1.5.1

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f063bfee66e739419a9efbea66afe600b386247018269200fcd2391cf772209f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=3153
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 36951
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-a887f7b2-a032-11ec-a39f-437623a0ca97
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa3e997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 underscore-min.js Show response
midlandsb.brunocosta.agency/core/assets/vendor/underscore/ 19 KB
7 KB 30ms
23ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/assets/vendor/underscore/underscore-min.js?v=1.13.1

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

218fb1c1fc72e9af6b866f430be2a67fa376392b4db2f4dbf32772671b6ae55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 37178
x-ah-environment: prod
content-length: 7492
x-request-id: v-a888068a-a032-11ec-90a7-bbbef6272be7
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cbfa3f997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 once.min.js Show response
midlandsb.brunocosta.agency/core/assets/vendor/once/ 1 KB
808 B 38ms
29ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/assets/vendor/once/once.min.js?v=1.0.1

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 36960
x-ah-environment: prod
content-length: 699
x-request-id: v-a8880694-a032-11ec-986d-ebb9fa60cc30
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cbfa45997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 jquery.once.min.js Show response
midlandsb.brunocosta.agency/core/assets/vendor/jquery-once/ 908 B
543 B 39ms
31ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 37523
x-ah-environment: prod
content-length: 438
x-request-id: v-a8881bac-a032-11ec-8d4a-676099a1e820
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cbfa46997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 drupalSettingsLoader.js Show response
midlandsb.brunocosta.agency/core/misc/ 347 B
331 B 32ms
24ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/misc/drupalSettingsLoader.js?v=9.3.6

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acf6e6c9052449f71763158aa2eb5e0a89dee411fc365ad62c6aacd054b13b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=518
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 37362
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e6ea6dbe-a032-11ec-ab29-1312190428ff
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa49997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 drupal.js Show response
midlandsb.brunocosta.agency/core/misc/ 5 KB
2 KB 36ms
28ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/misc/drupal.js?v=9.3.6

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32c9d276605795d91796c1f3b3295eb284a4a8dea8ff1c037d71f3497ed687b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=6388
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 36773
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e6ea793a-a032-11ec-9490-cb1f5708c604
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa4a997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 drupal.init.js Show response
midlandsb.brunocosta.agency/core/misc/ 487 B
457 B 33ms
26ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/misc/drupal.init.js?v=9.3.6

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d20cab0cceff028b04f87ca0aa24242fe2197f53d3874c361f9296deb14135a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=733
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 37400
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e6ea9690-a032-11ec-bad5-e7c63d0ae892
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa4b997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 index.umd.min.js Show response
midlandsb.brunocosta.agency/core/assets/vendor/tabbable/ 4 KB
2 KB 37ms
30ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/assets/vendor/tabbable/index.umd.min.js?v=5.2.1

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9c32e5c3b23550d7271932a949698a13a2f7f2ed04f687b0e55c235172a23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 36958
x-ah-environment: prod
content-length: 1609
x-request-id: v-a8882d04-a032-11ec-a08a-f356dbb92dd9
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cbfa4c997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 progress.js Show response
midlandsb.brunocosta.agency/core/misc/ 2 KB
1 KB 39ms
31ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/misc/progress.js?v=9.3.6

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00738558dc86e055233d4e9d4025eb168cdf26ab9a62932cca16af66d0e3f73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=2922
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 36774
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e6ea8e8e-a032-11ec-972c-1b61e6fb6c9a
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa4e997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 progress.js Show response
midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/misc/ 1 KB
707 B 31ms
24ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/misc/progress.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7524adca439fd5b719b599a80b4622816b6544f9388f32507bab59cb5f1cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=2217
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36377
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5a40b0-a067-11ec-b181-bbb48f318185
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa4f997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 jquery.once.bc.js Show response
midlandsb.brunocosta.agency/core/misc/ 977 B
515 B 30ms
23ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/misc/jquery.once.bc.js?v=9.3.6

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb8831df2a584bdd322e593d218bcb07089b95ae898f7fd921297874b06c018

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=1274
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 36754
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e6ea784a-a032-11ec-8b71-83d9b198b8e3
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa50997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 ajax.js Show response
midlandsb.brunocosta.agency/core/misc/ 18 KB
5 KB 31ms
24ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/misc/ajax.js?v=9.3.6

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d110ab886122b4cc15689ee3182e8b2e990cf06b7624c6d19c8590be72fed2dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=22766
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
x-cache-hits: 36942
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e6ea54b4-a032-11ec-8cf4-533e4c6b40db
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa51997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 ajax.js Show response
midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/misc/ 2 KB
824 B 31ms
24ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/misc/ajax.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25475e5b74a5eef4b00115c105cdc7c706cb20ad114df7b638fdbbff65669f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=3931
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36325
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5a7f6c-a067-11ec-aca9-97e9090c121b
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa53997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 affix.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 3 KB
1 KB 32ms
25ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/affix.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1ebdc2799ca6831eaf1d56f1b9594343f114d6dc4c0d1fdc164d2db25b2482

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=4838
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36295
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5ab7c0-a067-11ec-b206-b33c6697cda8
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa55997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 alert.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 1 KB
718 B 32ms
25ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/alert.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9416bec2a4a057c3bf9b044420a0582257c8896c192a5283132ba30cbd17ae1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=2284
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36283
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5ae326-a067-11ec-b4b3-c3d08fe80527
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa56997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 button.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 2 KB
1 KB 32ms
26ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/button.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f8986e62548fd9ff39f9fa3846c3ac731ca0d9d871942e28be11592b5494f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=3824
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36285
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5b2516-a067-11ec-bca6-43b0db0e692e
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa57997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 carousel.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 5 KB
2 KB 33ms
26ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/carousel.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4580bc049376cef3db42217a5d0b69fcd23c616e44f8b53d527c77a89a1b1b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=7141
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36301
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5b4474-a067-11ec-a97d-e7a44e1b8795
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa58997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 collapse.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 4 KB
1 KB 33ms
27ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/collapse.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da797e16831e1c354343f5c4e0255a1b35cd4d09a7334b209d56a3ad4d94b7eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=5991
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36326
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5b8664-a067-11ec-89fa-0fcc760f716a
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa59997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 dropdown.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 3 KB
1 KB 34ms
28ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/dropdown.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d3b4ce2561623c03a2a17c259c403182cfb5ab2159e4b8d6185b95c2353b40e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=4743
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36320
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5bab8a-a067-11ec-9dd3-ff70a5ec3b67
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa5a997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 modal.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 7 KB
2 KB 32ms
26ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/modal.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ec549703cc672f20792c0675d1c8f2a11c5acf4569e90be2eef4636f4ff497

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=9987
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36360
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5bea6e-a067-11ec-aee9-272bd4807ef6
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cbfa5c997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 tooltip.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 12 KB
4 KB 45ms
39ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/tooltip.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f41af81bae4a1e7a0227e3b5d6e9a449a6f981e1927a110ef0741c53e64c6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=16719
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36392
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5c25ba-a067-11ec-a1cb-b73de0710870
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a74997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 popover.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 2 KB
970 B 44ms
38ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/popover.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e736ea0abd3665acd97e53a00dd2f6eab8e1ead5a51dbf03a04e9cf268d7a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=3163
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36303
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5c3f14-a067-11ec-aa8e-bf2be030ef5a
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a77997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 scrollspy.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 3 KB
1 KB 48ms
42ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/scrollspy.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b2abf9500a5e11c9547b4d515ba5d8d2cddae4acdc94c441594b4757e02f5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=4707
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36288
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5c6c8c-a067-11ec-b434-bf02a4230c57
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a79997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 tab.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 2 KB
1 KB 45ms
39ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/tab.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42fcd5fa66ce508f2ac8b49b358962f88784343c68eb9e73947940da045812b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=3905
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36279
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5cabac-a067-11ec-9d82-3f9ed0cb84ce
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a7a997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 transition.js Show response
midlandsb.brunocosta.agency/themes/midland/bootstrap/js/ 921 B
546 B 55ms
50ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/bootstrap/js/transition.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94715a76e465f1122bbbf32d3865dfd9e7238bfef93e50ebdedda99cc62f931b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=1831
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36279
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5cd2d0-a067-11ec-8b55-4b83ef726160
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a7b997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 drupal.bootstrap.js Show response
midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/ 8 KB
3 KB 56ms
51ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/drupal.bootstrap.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee7107ff1b4f4da253dbecec7e593f6e39872239b4c6414463be5b56121b47e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=18660
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36374
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5d217c-a067-11ec-b6df-d3327f0d29ab
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a7c997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 attributes.js Show response
midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/ 4 KB
1 KB 46ms
41ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/attributes.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

674ffee773da54d5c276d9a2ca9f2151a6e9065b57f7ed4e27fc94517c87340f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=10066
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36383
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5d2f78-a067-11ec-84fa-cb3efbf97e2d
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a7d997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 theme.js Show response
midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/ 2 KB
722 B 45ms
40ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/theme.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c357e5296fcb72cebe77e61bb4955af53e881e4dfecd83ae961ebe7caeaac03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=5248
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36222
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5d70fa-a067-11ec-9c02-ff6b748a1daf
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a7e997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 utility.js Show response
midlandsb.brunocosta.agency/themes/midland/js/ 2 KB
823 B 46ms
42ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/js/utility.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88dedf597b1f4e4022d4abc1eff922cfc83de5101d5bcbbaa5b57e51e8203059

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=2130
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36252
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5d8f4a-a067-11ec-a1a3-f37e6a6865ab
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a7f997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 site.js Show response
midlandsb.brunocosta.agency/themes/midland/js/ 18 KB
4 KB 47ms
42ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/js/site.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

767edf7c23bc04c8104cb4ed5968be22208244e5f59491554996b7c64cbe7525

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=29796
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36508
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5ddbb2-a067-11ec-9800-ff589bf99504
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a81997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 slick.js Show response
midlandsb.brunocosta.agency/themes/midland/js/ 50 KB
11 KB 51ms
47ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/js/slick.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f068f14904df1d01ea0fd6878171f1b5867de81db4f3a6a2f7809b611129929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=84201
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36682
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5df052-a067-11ec-8315-9bf72299f3c0
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a82997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 skipTo.js Show response
midlandsb.brunocosta.agency/themes/midland/js/ 8 KB
3 KB 52ms
47ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/js/skipTo.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0994832240e7d40a25510f107efc6f53dfdcf025f7a89b8edd7cdb4954a63ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=14531
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36427
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5e3b7a-a067-11ec-8700-b363a2d3c9e3
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a83997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 dropMenu.js Show response
midlandsb.brunocosta.agency/themes/midland/js/ 2 KB
984 B 45ms
41ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/js/dropMenu.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74140c5f65eee6881756ccf75dffecf017ff8a3cf90f74911ae6d59c2cbd60b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=4764
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36331
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5e5e16-a067-11ec-93cb-434d14439dc2
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a84997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 js.cookie.min.js Show response
midlandsb.brunocosta.agency/core/assets/vendor/js-cookie/ 2 KB
971 B 52ms
48ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/core/assets/vendor/js-cookie/js.cookie.min.js?v=3.0.1

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 36762
x-ah-environment: prod
content-length: 823
x-request-id: v-a8b76a2e-a032-11ec-9e70-d7d6d64565d4
last-modified: Thu, 10 Mar 2022 05:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc1a85997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 eu_cookie_compliance.js Show response
midlandsb.brunocosta.agency/modules/contrib/eu_cookie_compliance/js/ 41 KB
6 KB 53ms
50ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/modules/contrib/eu_cookie_compliance/js/eu_cookie_compliance.js?v=1.19

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a487ef4a4dc93c1764ed546900dc774945257c4ff7a25ba22bf9cd3df60c5bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=59017
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:52 GMT
x-cache-hits: 36926
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-a8b786b2-a032-11ec-9d16-839cfe8ada0b
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a89997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 popover.js Show response
midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/ 3 KB
1 KB 45ms
41ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/popover.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f789480b9b23aea49489e81555a2b8d702abdb3faff634d4a42476a6f19c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=5659
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36129
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5e9b74-a067-11ec-a8f3-6fbf05473aac
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a86997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 tooltip.js Show response
midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/ 1006 B
555 B 44ms
40ms Script
application/javascript 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/contrib/bootstrap/js/tooltip.js?r8j216

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab0cb68a54ce8eaa6ef7cc65f138f81c0e45baa50eb974f69037c0d88b73f9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=1684
x-cache: HIT
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
x-cache-hits: 36120
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-be5eb1b8-a067-11ec-9a04-f76154fc07b9
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 6f4637cc1a87997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
74 KB 99ms
44ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0063fc6732f22bf57cac6dd75c07671e19d0ea88c8419fd2c94e8844e6c3f975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75440
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 31 Mar 2022 04:07:24 GMT

GET
H/1.1 200
OK detect.js Show response
detectca.easysol.net/detectca/scripts/Kgh7ceoloPUv5c0bfwIhSURoi5AeNF/ 2 KB
2 KB 463ms
104ms Script
application/javascript 107.23.44.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://detectca.easysol.net/detectca/scripts/Kgh7ceoloPUv5c0bfwIhSURoi5AeNF/detect.js
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 107.23.44.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-44-14.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bccf14981b00b2c94f8662bca2f5cdf09327f21d85e9a163c1208b501a24b1cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 04:07:25 GMT
Last-Modified: Tue, 24 Aug 2021 00:00:00 GMT
Server: nginx
ETag: "61243680-66c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1644

GET
H2 200 Avenir-Book.ttf
midlandsb.brunocosta.agency/themes/midland/css/fonts/ 140 KB
63 KB 44ms
43ms Font
application/font-sfnt 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/fonts/Avenir-Book.ttf

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d21bcf9f665cf65286c5d37e197678eca2dae714d9fb3a5bab65f7464ea2608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216
Origin: https://midlandsb.brunocosta.agency
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 37648
x-ah-environment: prod
content-length: 64617
x-request-id: v-ac26d2d0-a032-11ec-9e4e-47e3cfa7e4bc
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/font-sfnt
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc1a8b997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
midlandsb.brunocosta.agency/themes/midland/fonts/ 18 KB
18 KB 45ms
44ms Font
font/woff2 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216
Origin: https://midlandsb.brunocosta.agency
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 34434
x-ah-environment: prod
content-length: 18061
x-request-id: v-ab8422ce-a032-11ec-b40b-439f2fcd2439
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: font/woff2
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc1a8c997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 Avenir-Medium.ttf
midlandsb.brunocosta.agency/themes/midland/css/fonts/ 136 KB
62 KB 33ms
33ms Font
application/font-sfnt 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/fonts/Avenir-Medium.ttf

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a9b5f6c59a1345f89dabc78e0bd0658dcae7a3bbf9f6d9191b734ca1354345f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216
Origin: https://midlandsb.brunocosta.agency
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 37612
x-ah-environment: prod
content-length: 63387
x-request-id: v-ac4bee62-a032-11ec-8822-d3dc1be26fcb
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/font-sfnt
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc1a8d997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/92haizz/abaz4ng/ Frame DC0B
Redirect Chain

https://insight.adsrvr.org/tags/92haizz/abaz4ng/iframe
https://d1eoo1tco6rr5e.cloudfront.net/92haizz/abaz4ng/iframe

133 B
663 B

79ms
19ms

Document
text/html

143.204.205.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/92haizz/abaz4ng/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/midlandstatesbank_vfzsrmvvnuvrveu9/Midland_States_Bank.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ba5e003effc465a9771152d0ff3efc35746b75498ed2bd70fbd8753a8ba3f23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 72508
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Wed, 30 Mar 2022 07:58:58 GMT
ETag: "d79f32be75d4761c5b897a4d106393ce"
Last-Modified: Fri, 01 Oct 2021 23:54:18 GMT
Server: AmazonS3
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
X-Amz-Cf-Id: nJXeLpfKOF8hwuBP-8QPBvAN4biXEAqeFIPaeZ3bh88ILRyaN3mGEg==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Thu, 31 Mar 2022 04:07:24 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/92haizz/abaz4ng/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 cv_pixel.js Show response
adservices.brandcdn.com/pixel/ 2 KB
1 KB 557ms
176ms Script
application/javascript 52.8.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/midlandstatesbank_vfzsrmvvnuvrveu9/Midland_States_Bank.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.106.50 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-106-50.us-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 14:43:33 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "613-5c0a4d1fc7d19-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 745

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/92haizz/63bg1so/ Frame EA3C
Redirect Chain

https://insight.adsrvr.org/tags/92haizz/63bg1so/iframe
https://d1eoo1tco6rr5e.cloudfront.net/92haizz/63bg1so/iframe

133 B
663 B

79ms
18ms

Document
text/html

143.204.205.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/92haizz/63bg1so/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/midlandstatesbank_vfzsrmvvnuvrveu9/Midland_States_Bank.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ebc99686d5bef49c1f758c77fe663c219ea363ba21af2fee7fca3e24cdacc20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 59846
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Wed, 30 Mar 2022 11:29:59 GMT
ETag: "a4abbd6f8144dbd10329c7fd1293fc14"
Last-Modified: Fri, 01 Oct 2021 23:54:19 GMT
Server: AmazonS3
Via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6ei5Q7Sz5U-sRzkIUtc3Dhi2TCKIkX8dUvpS_aPyWWQY9-UWZpEOMQ==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Thu, 31 Mar 2022 04:07:24 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/92haizz/63bg1so/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 128ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=92haizz&ct=0:63bg1so&fmt=3
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 required.svg
midlandsb.brunocosta.agency/themes/midland/images/ 513 B
461 B 27ms
27ms Image
image/svg+xml 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midlandsb.brunocosta.agency/themes/midland/images/required.svg

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1411
x-cache: HIT
x-cache-hits: 26396
x-ah-environment: prod
content-length: 348
x-request-id: v-aff72b6c-a032-11ec-b7ff-d73b077479ee
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: image/svg+xml
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc3aac997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 instagram.png
midlandsb.brunocosta.agency/themes/midland/images/ 2 KB
2 KB 24ms
24ms Image
image/png 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midlandsb.brunocosta.agency/themes/midland/images/instagram.png

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/themes/midland/css/icons.css?r8j216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a512f2f42a10ad367c3487b6976e708756e49b21a7ee0ffee522575df0a7f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/themes/midland/css/icons.css?r8j216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1409
cf-polished: origSize=3259, status=vary_header_present
x-cache: HIT
x-cache-hits: 35467
x-ah-environment: prod
content-length: 1635
x-request-id: v-ac0970b4-a032-11ec-83a5-37466b36c59e
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: image/png
expires: Thu, 14 Apr 2022 04:07:24 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc3ab1997a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Avenir-Black.ttf
midlandsb.brunocosta.agency/themes/midland/css/fonts/ 89 KB
41 KB 26ms
26ms Font
application/font-sfnt 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/fonts/Avenir-Black.ttf

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b26a403a5aafc900bd2c37110d146c940c2c10df1a47cd13f13d3a76f84a236

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midlandsb.brunocosta.agency/themes/midland/css/style.css?r8j216
Origin: https://midlandsb.brunocosta.agency
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
x-cache: HIT
x-cache-hits: 37320
x-ah-environment: prod
content-length: 41602
x-request-id: v-ac26d0c8-a032-11ec-8c3e-239a66456bd5
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/font-sfnt
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc3ab4997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 midland.ttf
midlandsb.brunocosta.agency/themes/midland/css/fonts/ 3 KB
2 KB 28ms
28ms Font
application/font-sfnt 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://midlandsb.brunocosta.agency/themes/midland/css/fonts/midland.ttf?zhnmxv

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/themes/midland/css/icons.css?r8j216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28c7d25b5beb888c30843e157017a895032768128f384ae1f0bb567ecb4c894f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midlandsb.brunocosta.agency/themes/midland/css/icons.css?r8j216
Origin: https://midlandsb.brunocosta.agency
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1409
x-cache: HIT
x-cache-hits: 36232
x-ah-environment: prod
content-length: 1939
x-request-id: v-ab850d60-a032-11ec-985d-03cf5c28a6c3
last-modified: Thu, 10 Mar 2022 05:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: application/font-sfnt
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637cc3ab7997a-FRA
expires: Thu, 14 Apr 2022 04:07:24 GMT

GET
H2 200 equal.png
midlandsb.brunocosta.agency/sites/default/files/inline-images/ 422 B
580 B 24ms
24ms Image
image/png 2606:4700::6812:f001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midlandsb.brunocosta.agency/sites/default/files/inline-images/equal.png

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428e5c21006e900dfd6bc69809f153e15073fa54b7db08412c503aaa1105af4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1410
cf-polished: origSize=863, status=vary_header_present
x-cache: HIT
x-cache-hits: 16494
x-ah-environment: prod
content-length: 422
x-request-id: v-0df78566-ab34-11ec-8a24-cbea704fe505
last-modified: Wed, 05 Jul 2017 16:04:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Host
content-type: image/png
expires: Thu, 14 Apr 2022 04:07:24 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6f4637ccbb55997a-FRA
cf-bgj: imgq:85,h2pri

GET
DATA 200
OK truncated
/ 86 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2a4bb1b22e7b83d7aef549c3e5c9e3a2c4e4ed478698c14352adbacb4acf5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4af4d02de579bc4d4a9084420c5dd38af4c1c582c46ba6bd742a579e11e62611

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CQH2S9YXGS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81ab63624d831469df7fb0fcca1239f2eb42d08e87d84844c17e5e946147acc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65660
x-xss-protection: 0
expires: Thu, 31 Mar 2022 04:07:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 64ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: IhKXzYGLZfSu7nvz65d3TTC5XLKYjCaPVQEznZKHZCRHpRaYFwYZ6X1AJegI8CyKOPuHegU/0darEMjvm2ZSQg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 31 Mar 2022 04:07:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 74ms
31ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14883
x-xss-protection: 0
server: cafe
etag: 14534967036905587165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 04:07:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1955
date: Thu, 31 Mar 2022 03:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 31 Mar 2022 05:34:50 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 65ms
19ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dc7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 04:07:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Mar 2022 23:45:34 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=45125
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3104

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 86ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00B1968D8F174CBAAFB71CD4BA18FB17 Ref B: FRAEDGE1216 Ref C: 2022-03-31T04:07:25Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 31 Mar 2022 04:07:24 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 hotjar-2850189.js Show response
static.hotjar.com/c/ 4 KB
2 KB 107ms
56ms Script
application/javascript 65.9.66.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2850189.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-123.fra56.r.cloudfront.net

Software

Resource Hash

7cbee543b95e7bf76fae0ab23da7c7822b9420ac041be73ac7d187d6b089cd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache-hit: 1
etag: W/eeba7fea702494fd9fa4725452ea1777
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1873
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-id: nR7UWYhShu_XL8PzUlkDv65aIQHEoEdI8J-M0cpasJ4tKo66kTKWHQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 67ms
19ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSQDPS7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 07:42:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 73507
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: u2yC1hN7KBGVGdKfv1yIQoSBfxOhoBPWhtM7qhvfS7S_KR-G_jouvQ==

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame CE7C
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

107ms
38ms

Document
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/login/popup
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 31 Mar 2022 04:07:24 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

60eac7bc84faf84b
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/60eac7bc84faf84b
https://pixel.sitescout.com/iap/60eac7bc84faf84b

0
191 B

106ms
38ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/60eac7bc84faf84b
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: H2
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:24 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/60eac7bc84faf84b
content-length: 0

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame EA3C 70 B
260 B 41ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=92haizz&ct=0:63bg1so&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/92haizz/63bg1so/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame DC0B 70 B
260 B 40ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=92haizz&ct=0:abaz4ng&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/92haizz/abaz4ng/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 62ms
26ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CQH2S9YXGS&gtm=2oe3n1&_p=1508543976&sr=1600x1200&ul=en-us&cid=1769850321.1648699646&_s=1&dl=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&dt=Login%20%7C%20Midland%20States%20Bank&sid=1648699645&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CQH2S9YXGS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midlandsb.brunocosta.agency
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 43ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.57

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

167549d476f2de7aafe21665a35957328e7978580fdad0f2e387ea9ff67a2210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20657
x-xss-protection: 0
pragma: public
x-fb-debug: 744l0520GcNyPfcp1+/N6Klw+wQNKX6RHK4HvSNyGaTUFCwvC2NrPHEoXj/baoag8qH8wsZyG5Gob+0A89aLIg==
x-frame-options: DENY
date: Thu, 31 Mar 2022 04:07:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 156090136404498 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 91ms
70ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/156090136404498?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d201fdfd02f5b39bd55ec5eb83cd225f461822c57f80ab7093bc95dfcf44a170

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: j1C5oHC2RDcx7mdsYARDQuFqgexo9zOD3Qy2Ghw8J/r7DCMlsPwBRaOdbFVEKhoIzC4NsM7oPhmk7tiJ9uUGdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 31 Mar 2022 04:07:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3641801&time=1648699645932&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3641801%26time%3D1648699645932%26url%3Dhttps%253A%252F%252Fmidlandsb.brunocosta.a...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3641801&time=1648699645932&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3641801&time=1648699645932&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&liSync=true&e_ipv6=AQIHVujwfDKwzwAAAX_eKB53ltn29RQraKimp...

0
264 B

163ms
122ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3641801&time=1648699645932&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&liSync=true&e_ipv6=AQIHVujwfDKwzwAAAX_eKB53ltn29RQraKimpZ15j0KYVWC2Rv8Po9Cl6_e9Q92nSY64_82qCCqRxyQc2r0NJNG0lr2bxg
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F9EC53FD972548C982076452E63635CA Ref B: FRAEDGE0821 Ref C: 2022-03-31T04:07:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXbe8y5SYlx8A4/8e0esQ==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 31 Mar 2022 04:07:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: ED23E494A94A4823B50F95CA6AD132AE Ref B: FRAEDGE1506 Ref C: 2022-03-31T04:07:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3641801&time=1648699645932&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&liSync=true&e_ipv6=AQIHVujwfDKwzwAAAX_eKB53ltn29RQraKimpZ15j0KYVWC2Rv8Po9Cl6_e9Q92nSY64_82qCCqRxyQc2r0NJNG0lr2bxg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXbe8y2z2p1QjVYrbkF2Q==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/772963994/ 2 KB
2 KB 88ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/772963994/?random=1648699645936&cv=9&fst=1648699645936&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&tiba=Login%20%7C%20Midland%20States%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b278f08c50fe0f7b17fe64971145abb7ee61c64e0fa35f739672a6630756d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 24ms
24ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1508543976&t=pageview&_s=1&dl=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&dp=%2Flogin%2Fpopup&ul=en-us&de=UTF-8&dt=Login%20%7C%20Midland%20States%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAC~&jid=475797493&gjid=1447251576&cid=1769850321.1648699646&tid=UA-32423488-1&_gid=1994356155.1648699646&_r=1&gtm=2wg3n1PSQDPS7&z=1761753672

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midlandsb.brunocosta.agency/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midlandsb.brunocosta.agency
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56379347.js Show response
bat.bing.com/p/action/ 0
118 B 199ms
199ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56379347.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66B17AD8424746D5A14F33D567F3A3D5 Ref B: FRAEDGE1216 Ref C: 2022-03-31T04:07:25Z
date: Thu, 31 Mar 2022 04:07:25 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 48ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56379347&tm=gtm002&Ver=2&mid=18aa7e9e-d06d-4904-bfb9-d5afa76bb1db&sid=12e7dd90b0a811ec8c8a91a564f0f0ff&vid=12e82ed0b0a811ec8ddb8b94ac665f00&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Login%20%7C%20Midland%20States%20Bank&p=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&r=&lt=543&evt=pageLoad&msclkid=N&sv=1&rn=994119

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0565417D5EC74FADA8B912DEDA808BDB Ref B: FRAEDGE1216 Ref C: 2022-03-31T04:07:25Z
date: Thu, 31 Mar 2022 04:07:25 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 95ms
21ms Script
application/javascript 99.86.7.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2850189.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-16.fra6.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1796719
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ShmP0lhr1480h8r8diMK0Gs-qRxwpNMa5YjI0YsSjHyXKz8sJdXTVQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 111ms
37ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-32423488-1&cid=1769850321.1648699646&jid=475797493&gjid=1447251576&_gid=1994356155.1648699646&_u=YCDACEAABAAAAC~&z=1818520140

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://midlandsb.brunocosta.agency/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 31 Mar 2022 04:07:25 GMT
content-type: text/plain
access-control-allow-origin: https://midlandsb.brunocosta.agency
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK DetectCA.png
detectca.easysol.net/detectca/images/Kgh7ceoloPUv5c0bfwIhSURoi5AeNF/ 82 B
296 B 108ms
108ms Image
image/png 107.23.44.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://detectca.easysol.net/detectca/images/Kgh7ceoloPUv5c0bfwIhSURoi5AeNF/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/100.0.4896.60%20Safari/537.36&sr=1600%20x%201200&url=https://midlandsb.brunocosta.agency/login/popup&rf=&nc=0.04350762265628161
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 107.23.44.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-44-14.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 31 Mar 2022 04:07:25 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK DetectCA.png
detectca.easysol.net/detectca/images/Kgh7ceoloPUv5c0bfwIhSURoi5AeNF/ 82 B
296 B 217ms
107ms Image
image/png 107.23.44.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://detectca.easysol.net/detectca/images/Kgh7ceoloPUv5c0bfwIhSURoi5AeNF/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/100.0.4896.60%20Safari/537.36&sr=1600%20x%201200&url=https://midlandsb.brunocosta.agency/login/popup&rf=&nc=0.16648253092716403
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 107.23.44.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-44-14.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 31 Mar 2022 04:07:25 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 62E3 2 KB
1 KB 93ms
22ms Document
text/html 108.157.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2850189.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-53.dus51.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 4734919
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 08:52:06 GMT
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
vary: Accept-Encoding
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id: NTO0KKFG4o2tlKuAUC8IRawdfLhTWPx01i1CDOf5etDEH2MFR2wOmg==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
www.google.com/pagead/1p-user-list/772963994/ 42 B
548 B 104ms
33ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/772963994/?random=1648699645936&cv=9&fst=1648699200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&tiba=Login%20%7C%20Midland%20States%20Bank&async=1&fmt=3&is_vtc=1&random=3019991836&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/772963994/ 42 B
548 B 106ms
35ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/772963994/?random=1648699645936&cv=9&fst=1648699200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&tiba=Login%20%7C%20Midland%20States%20Bank&async=1&fmt=3&is_vtc=1&random=3019991836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 83ms
19ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156090136404498&ev=PageView&dl=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&rl=&if=false&ts=1648699646072&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1648699646070.312019716&it=1648699645928&coo=false&tm=1&rqm=GET

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 31 Mar 2022 04:07:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 83ms
19ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156090136404498&ev=PageView&dl=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&rl=&if=false&ts=1648699646076&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1648699646070.312019716&it=1648699645928&coo=false&rqm=GET

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 31 Mar 2022 04:07:25 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
28ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-32423488-1&cid=1769850321.1648699646&jid=475797493&_u=YCDACEAABAAAAC~&z=796011818

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-32423488-1&cid=1769850321.1648699646&jid=475797493&_u=YCDACEAABAAAAC~&z=796011818

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 04:07:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2850189/ 147 B
323 B 142ms
47ms XHR
application/json 99.80.161.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2850189/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.161.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c

Request headers

Referer: https://midlandsb.brunocosta.agency/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 content Show response
ws31.hotjar.com/api/v2/sites/2850189/recordings/ 66 B
257 B 288ms
90ms XHR
application/json 54.229.132.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws31.hotjar.com/api/v2/sites/2850189/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.132.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-132-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c6cb5e637e5375e5032f0ea0162fba9062eadb36d53bf41db8bb49bb1f0dda0e

Request headers

Referer: https://midlandsb.brunocosta.agency/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 38ms
18ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156090136404498&ev=Microdata&dl=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&rl=&if=false&ts=1648699646574&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20%7C%20Midland%20States%20Bank%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%5B%7B%22%40type%22%3A%22Organization%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.midlandsb.com%22%2C%22name%22%3A%22Midland%20States%20Bank%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCNstSpXxa67atcQeyjS7Iaw%22%2C%22https%3A%2F%2Ftwitter.com%2FWearemidlandsb%22%2C%22com%2Fcompany%2Fmidland-states-bank%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fmidlandstatesbank%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.midlandsb.com%22%2C%22contactPoint%22%3A%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B1%20(855)%20696-4352%22%2C%22contactType%22%3A%22customer%20service%22%2C%22email%22%3A%22MarketingDepartment%40midlandsb.com%22%7D%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fwww.midlandsb.com%2Fsites%2Fdefault%2Ffiles%2Ffooter_logo.png%22%7D%2C%22address%22%3A%7B%22%40type%22%3A%22PostalAddress%22%2C%22streetAddress%22%3A%22Midland%20States%20Bank%2C%201201%20Network%20Centre%20Drive%22%2C%22addressLocality%22%3A%22Effingham%22%2C%22addressRegion%22%3A%22IL%22%2C%22postalCode%22%3A%2262401%22%2C%22addressCountry%22%3A%22USA%22%7D%7D%2C%7B%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Midland%20States%20Bank%22%2C%22url%22%3A%22https%3A%2F%2Fwww.midlandsb.com%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1648699646070.312019716&it=1648699645928&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 31 Mar 2022 04:07:25 GMT

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 52ms
16ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: midlandsb.brunocosta.agency
URL: https://midlandsb.brunocosta.agency/login/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
fastly-original-body-size: 36751
x-amz-request-id: QFKCVYMWVXV57D81
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: Zx9EJjHbeOVSwdQX05/YP5tgHTZJlS3z5H4UdevVIbf3+UWHovoR+hmvoOT3GJ+BVIsZ+ZhoLxg=
x-served-by: cache-hhn4057-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1648699646.072073,VS0,VE0
date: Thu, 31 Mar 2022 04:07:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2926

GET
H2 200 cv Show response
adservices.brandcdn.com/pixel/ Frame 0AA5 4 KB
2 KB 176ms
176ms Document
text/html 52.8.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=112405&cv_ck=c856a7cb-be13-4cbd-bcfc-839b9b8e80e0&m=midlandsb.brunocosta.agency&r=
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.106.50 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-106-50.us-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1137
content-location: cv.html
content-type: text/html
date: Thu, 31 Mar 2022 04:07:26 GMT
etag: "1002-5c0a4d1fc7d19;5c0f60998a7e1-gzip"
last-modified: Fri, 23 Apr 2021 14:43:33 GMT
server: Apache/2.4.29 (Ubuntu)
tcn: choice
vary: negotiate,Accept-Encoding

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame F0F8 0
181 B 40ms
40ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=zkk4k5i&ref=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&upid=pe180x0&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 31 Mar 2022 04:07:26 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1508543976&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmidlandsb.brunocosta.agency%2Flogin%2Fpopup&dp=%2Flogin%2Fpopup&ul=en-us&de=UTF-8&dt=Login%20%7C%20Midland%20States%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=%2Flogin%2Fpopup&el=50%25&_u=aCDACEABBAAAAC~&jid=&gjid=&cid=1769850321.1648699646&tid=UA-32423488-1&_gid=1994356155.1648699646&gtm=2wg3n1PSQDPS7&z=315886404

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 13:26:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52870
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 08c659b3b8 Show response
bam-cell.nr-data.net/1/ 49 B
716 B 289ms
249ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/08c659b3b8?a=250983660&v=1215.1253ab8&to=ZlRVYhcEWUVTVkJRDF8edlURDFhYHXFETRNQXWt1ChdSanFaWEwRXl1bUxc5f0JfWXBXEVxyWFgRF1haXlBEFV1WVEN1CgtDU1xBZF0QRF1D&rst=1618&ck=1&ref=https://midlandsb.brunocosta.agency/login/popup&ap=166&be=143&fe=1552&dc=526&perf=%7B%22timing%22:%7B%22of%22:1648699645256,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:26,%22c%22:26,%22s%22:44,%22ce%22:67,%22rq%22:68,%22rp%22:95,%22rpe%22:97,%22dl%22:103,%22di%22:525,%22ds%22:526,%22de%22:543,%22dc%22:1552,%22l%22:1552,%22le%22:1560%7D,%22navigation%22:%7B%7D%7D&fp=328&fcp=328&at=ShNWFF8eSks%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://midlandsb.brunocosta.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 04:07:26 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6f4637d47f919b37-FRA

GET
H2 200 cv_confirm.png
adservices.brandcdn.com/pixel/ Frame 0AA5 68 B
556 B 176ms
176ms Image
image/png 52.8.106.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adservices.brandcdn.com/pixel/cv_confirm.png?aid=112405&buid=c856a7cb-be13-4cbd-bcfc-839b9b8e80e0&m=midlandsb.brunocosta.agency&r=&oid=77673576
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv?aid=112405&cv_ck=c856a7cb-be13-4cbd-bcfc-839b9b8e80e0&m=midlandsb.brunocosta.agency&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.106.50 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-106-50.us-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adservices.brandcdn.com/pixel/cv?aid=112405&cv_ck=c856a7cb-be13-4cbd-bcfc-839b9b8e80e0&m=midlandsb.brunocosta.agency&r=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 04:07:26 GMT
last-modified: Fri, 23 Apr 2021 14:43:33 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "44-5c0a4d1fc7d19"
content-length: 68
content-type: image/png

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.brunocosta.agency/	1970-01-20 04:07:55	Name: _gcl_au Value: 1.1.152365499.1648699646
.brunocosta.agency/	1970-01-20 19:29:31	Name: _ga_CQH2S9YXGS Value: GS1.1.1648699645.1.0.1648699645.0
.bing.com/	1970-01-20 11:19:55	Name: MUID Value: 3704F13816936E8F2534E04017416F26
.brunocosta.agency/	1970-01-20 19:29:31	Name: _ga Value: GA1.2.1769850321.1648699646
.brunocosta.agency/	1970-01-20 01:59:46	Name: _gid Value: GA1.2.1994356155.1648699646
.brunocosta.agency/	1970-01-20 01:58:19	Name: _gat_UA-32423488-1 Value: 1
.brunocosta.agency/	1970-01-20 01:59:46	Name: _uetsid Value: 12e7dd90b0a811ec8c8a91a564f0f0ff
.brunocosta.agency/	1970-01-20 11:19:55	Name: _uetvid Value: 12e82ed0b0a811ec8ddb8b94ac665f00
.doubleclick.net/	1970-01-20 01:58:20	Name: test_cookie Value: CheckForPermission
.brunocosta.agency/	1970-01-20 04:07:55	Name: _fbp Value: fb.1.1648699646070.312019716
.linkedin.com/	1970-01-20 02:41:31	Name: UserMatchHistory Value: AQJqEuQrAoradwAAAX_eKB1WFZqslpRT47AauxHtk46Yq2LQY-nwVRKsMRtES8_0OJChqDEv_vVp2Q
.linkedin.com/	1970-01-20 02:41:31	Name: AnalyticsSyncHistory Value: AQIvltfdu0pU1QAAAX_eKB1WtbXCUNlJgmiQaIL5Fr15EYxoycQ_wYXoDeFwzzV2rJugLJfwsRi7uHCeepNtGg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:30:13	Name: bcookie Value: "v=2&1b85e04a-0318-49b3-8836-4b1df73b5b49"
.linkedin.com/	1970-01-20 01:59:46	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2670:u=1:x=1:i=1648699645:t=1648786045:v=2:sig=AQGdYmf3lTWyaSiYywDkB-2o6dRChpk2"
.brunocosta.agency/	1970-01-20 10:43:55	Name: _hjSessionUser_2850189 Value: eyJpZCI6IjI3Zjg3M2E5LWIyNGMtNTYwYy04ZGNjLTQ0NTU0Y2I2YzU1YSIsImNyZWF0ZWQiOjE2NDg2OTk2NDYxMjUsImV4aXN0aW5nIjpmYWxzZX0=
.brunocosta.agency/	1970-01-20 01:58:21	Name: _hjFirstSeen Value: 1
midlandsb.brunocosta.agency/	1970-01-20 01:58:19	Name: _hjIncludedInSessionSample Value: 1
.brunocosta.agency/	1970-01-20 01:58:21	Name: _hjSession_2850189 Value: eyJpZCI6IjMwZDc2ODk1LTQxNjItNDNkNC04MDIzLWY0MGI1MjA4YmVhZiIsImNyZWF0ZWQiOjE2NDg2OTk2NDYxNjAsImluU2FtcGxlIjp0cnVlfQ==
midlandsb.brunocosta.agency/	1970-01-20 01:58:19	Name: _hjIncludedInPageviewSample Value: 1
.brunocosta.agency/	1970-01-20 01:58:21	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:30:13	Name: bscookie Value: "v=1&2022033104072584f21d51-2b6f-449f-8209-3499ffac1548AQGPPEGMWgoE28IQJe95vGx83NNm_sKz"
.linkedin.com/	1970-01-20 19:26:09	Name: li_gc Value: MTswOzE2NDg2OTk2NDU7MjswMjGTGI4VoyKhuJX57EAzrnyea9d47XOwRc+BxvEWdyefQg==
midlandsb.brunocosta.agency/	1970-01-20 10:43:55	Name: brandcdn_uid Value: c856a7cb-be13-4cbd-bcfc-839b9b8e80e0
adservices.brandcdn.com/	1970-01-20 10:43:55	Name: brandcdn_uid Value: c856a7cb-be13-4cbd-bcfc-839b9b8e80e0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 47de5ae80ecc47b6
adservices.brandcdn.com/	1970-01-20 02:08:24	Name: AWSALBCORS Value: NhT4B5KLhCyCD4i0s3fXAHn8+1kJKdW6J+RHcl4L9rA06XS/LaJU3WAVq6xhcAN0UW+vimURrWuB+LAF4Wy03mhcimEQXHD1OxYhyEaWsEF24siVwk6IS5pVU6mK

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservices.brandcdn.com
bam-cell.nr-data.net
bat.bing.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
detectca.easysol.net
googleads.g.doubleclick.net
in.hotjar.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
midlandsb.brunocosta.agency
pixel-a.basis.net
pixel.sitescout.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tag.brandcdn.com
vars.hotjar.com
ws31.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
www.midlandsb.com
107.23.44.14
108.157.1.118
108.157.4.53
13.107.42.14
142.250.186.98
143.204.205.113
151.101.130.137
162.247.243.147
2600:9000:206f:fa00:7:e536:8b00:93a1
2606:4700::6812:f001
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9c
2a02:26f0:3500:7::17d8:4dc7
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.204.222.125
52.223.40.198
52.8.106.50
54.229.132.122
65.9.66.123
66.155.71.150
99.80.161.153
99.86.7.16
0063fc6732f22bf57cac6dd75c07671e19d0ea88c8419fd2c94e8844e6c3f975
00738558dc86e055233d4e9d4025eb168cdf26ab9a62932cca16af66d0e3f73d
00a269606af95f52ce213e5096cc3a079d73522bc4e3c398789038666bb1454a
0435814fc17e1232f7a1ce3d1ada57a41fd4d7fce5287826c83de1db26b475e0
04d90a369ebc11b0d43aa5710cab8a1b7b458eb51540eda5be7ad8db0b3ea33b
054123763da10810cbbd026a3f11e365b246d89b9701d07a8776afc87a4675cd
09d82bd143f44cec6137cf9338320505b6f98fb99024ccfe00cb0b6626163636
0c2e3a7970d736a77b9c069b04dc19f6ef3051045ef546b7edd1ff8731c2acde
0e9c32e5c3b23550d7271932a949698a13a2f7f2ed04f687b0e55c235172a23e
0ebc99686d5bef49c1f758c77fe663c219ea363ba21af2fee7fca3e24cdacc20
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548
142dd3a16aabdf975e6c3d327cd0892021d703f614e94db06cc8bc15a3ed527a
167549d476f2de7aafe21665a35957328e7978580fdad0f2e387ea9ff67a2210
16f8986e62548fd9ff39f9fa3846c3ac731ca0d9d871942e28be11592b5494f7
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
1ab0cb68a54ce8eaa6ef7cc65f138f81c0e45baa50eb974f69037c0d88b73f9a
1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496
1d3b4ce2561623c03a2a17c259c403182cfb5ab2159e4b8d6185b95c2353b40e
1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3
218fb1c1fc72e9af6b866f430be2a67fa376392b4db2f4dbf32772671b6ae55c
23fcb237f98618bdf3058ece5f7dac84eb885a22cecdf1485cc6f5e8c6818453
252ed92c388e05a090af00a6d7e2ce1d32ea79e176d3ce0ed562047a6f652425
25475e5b74a5eef4b00115c105cdc7c706cb20ad114df7b638fdbbff65669f1f
28c7d25b5beb888c30843e157017a895032768128f384ae1f0bb567ecb4c894f
2a9b5f6c59a1345f89dabc78e0bd0658dcae7a3bbf9f6d9191b734ca1354345f
2b2abf9500a5e11c9547b4d515ba5d8d2cddae4acdc94c441594b4757e02f5d1
2d9520c68c06b18b29c1070192a5117ea9576092e29354341b76879652e10825
329447027e4b352bbfbe27ce1dc68429660da984330ad530ec2a895d2cd7d406
35357da85d674e44dd9d0bcf27d335af33385f0229298bad5cd76598aa74a921
37b278f08c50fe0f7b17fe64971145abb7ee61c64e0fa35f739672a6630756d1
3a512f2f42a10ad367c3487b6976e708756e49b21a7ee0ffee522575df0a7f50
3ad492ee02ae1d814daf040151e66e2b14210545b01e69435aec215f655707b1
3d1ebdc2799ca6831eaf1d56f1b9594343f114d6dc4c0d1fdc164d2db25b2482
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
40cbaa302e63d0b2b827385b88fc70ffbeb33f1f2c1ec849e56506e5f66ea60b
428e5c21006e900dfd6bc69809f153e15073fa54b7db08412c503aaa1105af4e
429d12a454befd051d12be9c59803746616f252b8a4857458588cf4d761be90f
42fcd5fa66ce508f2ac8b49b358962f88784343c68eb9e73947940da045812b4
43180fc933cf2814989830ef9cd4fe733f9375d2d293833a971374487d31c830
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
4580bc049376cef3db42217a5d0b69fcd23c616e44f8b53d527c77a89a1b1b97
478343a40a73e7afedde1d34a0531f3d525967e39e2eabb405db4bf6f812c679
4acf6e6c9052449f71763158aa2eb5e0a89dee411fc365ad62c6aacd054b13b2
4af4d02de579bc4d4a9084420c5dd38af4c1c582c46ba6bd742a579e11e62611
4b26a403a5aafc900bd2c37110d146c940c2c10df1a47cd13f13d3a76f84a236
4eb8831df2a584bdd322e593d218bcb07089b95ae898f7fd921297874b06c018
57e4175f47ec15d8421dc6bca6a65024644eb30a893ca07e07ec2ebf79c94d00
5c81aa3671a3c8d52a54a2ba91802d0984011a5907fdc00461e0caca8b5ba975
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
62f4d83cd5d9508a022764dd99ddaadef39fe5e8b382f40529a44e0d0fc0e8b1
674ffee773da54d5c276d9a2ca9f2151a6e9065b57f7ed4e27fc94517c87340f
6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe
6e736ea0abd3665acd97e53a00dd2f6eab8e1ead5a51dbf03a04e9cf268d7a6f
74140c5f65eee6881756ccf75dffecf017ff8a3cf90f74911ae6d59c2cbd60b8
754a12dd8ae22818cfa8abe328bc0b605bb92fff540270b062cab041233c2f17
767edf7c23bc04c8104cb4ed5968be22208244e5f59491554996b7c64cbe7525
76ab552b917932778a3cb202e5c874a661aac2f6b050201e3b5fe033095d70ad
79b705b26a49eeaeac2264a7d5c990e0ca3925ae4a3d9975efec3e124c8166ba
7b09b38c6e38cdc7981e573f3237ec1ea1347e1f47d5de72cac87e71e60303cc
7cbee543b95e7bf76fae0ab23da7c7822b9420ac041be73ac7d187d6b089cd80
81ab63624d831469df7fb0fcca1239f2eb42d08e87d84844c17e5e946147acc3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
88dedf597b1f4e4022d4abc1eff922cfc83de5101d5bcbbaa5b57e51e8203059
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da73251fd28e1938c86b9ca4e57773b2e8fbc46c87a35416b4ae58010576549
8eebb7e004629d956e810f39eca97c536eeddc2ee2d601d4a47a388ccfe61f39
8f41af81bae4a1e7a0227e3b5d6e9a449a6f981e1927a110ef0741c53e64c6ff
906082abd4b33d0c13248ff104780fb65afc3c31709eb2f05103dc4280b7e590
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9416bec2a4a057c3bf9b044420a0582257c8896c192a5283132ba30cbd17ae1d
94715a76e465f1122bbbf32d3865dfd9e7238bfef93e50ebdedda99cc62f931b
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
9ba5e003effc465a9771152d0ff3efc35746b75498ed2bd70fbd8753a8ba3f23
9c357e5296fcb72cebe77e61bb4955af53e881e4dfecd83ae961ebe7caeaac03
9d20cab0cceff028b04f87ca0aa24242fe2197f53d3874c361f9296deb14135a
a03bfbcaab15506dbe64b4a071ff984be0e0c4b226101a08c9db3d61fd9a06c5
a189f9e003a4486a75939a97b000cc9f9a00e04a25bb8d423a9c1e3bfd385b6d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a32c9d276605795d91796c1f3b3295eb284a4a8dea8ff1c037d71f3497ed687b
a487ef4a4dc93c1764ed546900dc774945257c4ff7a25ba22bf9cd3df60c5bbf
a5d941e59e932f8cc684b36597b53a3e981ffc68dab4984afff223d985cd507c
b2ec549703cc672f20792c0675d1c8f2a11c5acf4569e90be2eef4636f4ff497
b7f789480b9b23aea49489e81555a2b8d702abdb3faff634d4a42476a6f19c29
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
bccf14981b00b2c94f8662bca2f5cdf09327f21d85e9a163c1208b501a24b1cb
c6cb5e637e5375e5032f0ea0162fba9062eadb36d53bf41db8bb49bb1f0dda0e
ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
ca2a4bb1b22e7b83d7aef549c3e5c9e3a2c4e4ed478698c14352adbacb4acf5c
cb16eb5e180d8c6a8a15c25a47cfe8a72ccca6c4a497cb607acfecf5f3f1b8c4
ccbf78be3654e960477e90e268d70573a1b248585175c7e270ad616318d63f9a
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
d0b08e2033838fcdcb043e3bc1e0d958fe38b9e05bffd7297a25a27ef1fb2466
d110ab886122b4cc15689ee3182e8b2e990cf06b7624c6d19c8590be72fed2dc
d201fdfd02f5b39bd55ec5eb83cd225f461822c57f80ab7093bc95dfcf44a170
d21bcf9f665cf65286c5d37e197678eca2dae714d9fb3a5bab65f7464ea2608a
d4e5db09dad1ee1a5a776c1f0b67fd42315f848265c3a856068e56ad73e48ee7
da797e16831e1c354343f5c4e0255a1b35cd4d09a7334b209d56a3ad4d94b7eb
dd6ac65cc62dd328be8a4406eb75017ea38efca8950da067f86b7c89ed3bf7b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0994832240e7d40a25510f107efc6f53dfdcf025f7a89b8edd7cdb4954a63ac
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e11d6728e7f90ebb51f2ad77689c17632867dfd1fd3202126cd3f9b80cf22d46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebdc917da1f7852a04dcbd60694fc8c2ea50a7a25a94bb9858383ccdcd750eaf
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee7107ff1b4f4da253dbecec7e593f6e39872239b4c6414463be5b56121b47e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f063bfee66e739419a9efbea66afe600b386247018269200fcd2391cf772209f
f068f14904df1d01ea0fd6878171f1b5867de81db4f3a6a2f7809b611129929f
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c
f480d56ea3cda8f289c05f6926ce6e0e2384c1c3be649523c8f435691aafece0
fa7524adca439fd5b719b599a80b4622816b6544f9388f32507bab59cb5f1cdf
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff920a0b9304131aab47c3fd9c8d2d219ec0594e4ba8d6d01c4f39f3b63534df

midlandsb.brunocosta.agency Open in urlscan Pro 2606:4700::6812:f001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

98 %HTTPS

47 %IPv6

23 Domains

32 Subdomains

30 IPs

5 Countries

824 kBTransfer

2450 kBSize

28 Cookies

29 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

midlandsb.brunocosta.agency Open in urlscan Pro
2606:4700::6812:f001 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

98 %
HTTPS

47 %
IPv6

23
Domains

32
Subdomains

30
IPs

5
Countries

824 kB
Transfer

2450 kB
Size

28
Cookies

131 HTTP transactions
2 data transactions