waoline.us Open in urlscan Pro
66.96.130.45 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://waoline.us/Economy/Bank/BnkUS1.htm
Submission: On April 07 via manual (April 7th 2022, 2:20:16 pm UTC) from US — Scanned from US

Summary HTTP 126 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 41 domains to perform 126 HTTP transactions. The main IP is 66.96.130.45, located in United States and belongs to BIZLAND-SD, US. The main domain is waoline.us.

This is the only time waoline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	66.96.130.45 66.96.130.45	29873 (BIZLAND-SD) (BIZLAND-SD)
1 1	23.3.117.25 23.3.117.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21d... 2600:9000:21da:c000:e:eafc:c400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:1faa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	192.229.162.193 192.229.162.193	15133 (EDGECAST) (EDGECAST)
1 2	23.78.161.229 23.78.161.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	184.50.213.229 184.50.213.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.3.126.173 23.3.126.173	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.3.125.17 23.3.125.17	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	204.44.11.44 204.44.11.44	18709 (BOTW) (BOTW)
2 4	23.217.42.219 23.217.42.219	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	216.52.215.25 216.52.215.25	10912 (INTERNAP-BLK) (INTERNAP-BLK)
4	2606:4700::68... 2606:4700::6812:3c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	184.85.197.233 184.85.197.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	204.74.99.103 204.74.99.103	397213 (ULTRADNS) (ULTRADNS)
2 2	12.19.225.25 12.19.225.25	16490 (MTB) (MTB)
2	2600:9000:21e... 2600:9000:21ea:4a00:b:2146:1340:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	184.51.149.80 184.51.149.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	64.178.214.50 64.178.214.50	14920 (EVERTEC) (EVERTEC)
1 2	104.106.249.128 104.106.249.128	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	208.71.55.51 208.71.55.51	30572 (NYCB-NEW-...) (NYCB-NEW-YORK-COMMUNITY-BANCORP-INC)
1 1	204.74.99.100 204.74.99.100	397213 (ULTRADNS) (ULTRADNS)
1 5	23.5.224.115 23.5.224.115	16625 (AKAMAI-AS) (AKAMAI-AS)
1	132.200.148.131 132.200.148.131	10754 (GOV-FRB-BOG) (GOV-FRB-BOG)
11	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
4 5	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
2 3	104.17.30.191 104.17.30.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:1713	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.195.240.116 91.195.240.116	47846 (SEDO-AS) (SEDO-AS)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
30	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.176.198 142.250.176.198	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
126	33

9 66.96.130.45 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 45.130.96.66.static.eigbox.net

waoline.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.117.25 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-117-25.deploy.static.akamaitechnologies.com

www.bbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:c000:e:eafc:c400:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.truist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1faa (United States)

ASN13335 (CLOUDFLARENET, US)

bbt.mediaroom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.162.193 (United States) 2 redirects

ASN15133 (EDGECAST, US)

www.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.78.161.229 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-161-229.deploy.static.akamaitechnologies.com

www.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.50.213.229 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-213-229.deploy.static.akamaitechnologies.com

www.key.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.3.126.173 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-126-173.deploy.static.akamaitechnologies.com

www4.harrisbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bmoharris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.3.125.17 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-17.deploy.static.akamaitechnologies.com

www.northerntrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.44.11.44 (United States) 2 redirects

ASN18709 (BOTW, US)

www.bancwestcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.217.42.219 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-42-219.deploy.static.akamaitechnologies.com

www.bankofthewest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.52.215.25 (United States) 8 redirects

ASN10912 (INTERNAP-BLK, US)
PTR: www.uboc.com

www.uboc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:3c1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.unionbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.85.197.233 (Piscataway, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-197-233.deploy.static.akamaitechnologies.com

www.comerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.74.99.103 (United States) 2 redirects

ASN397213 (ULTRADNS, US)

www.mandtbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 12.19.225.25 (Hamburg, United States) 2 redirects

ASN16490 (MTB, US)

www.mtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21ea:4a00:b:2146:1340:93a1 (United States)

ASN16509 (AMAZON-02, US)

www3.mtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.51.149.80 (New York, United States) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-149-80.deploy.static.akamaitechnologies.com

www.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.178.214.50 (Carolina, Puerto Rico) 2 redirects

ASN14920 (EVERTEC, PR)
PTR: www.popularweb.com

www.popular.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.106.249.128 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-106-249-128.deploy.static.akamaitechnologies.com

www.synovus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.71.55.51 (United States) 2 redirects

ASN30572 (NYCB-NEW-YORK-COMMUNITY-BANCORP-INC, US)
PTR: queenscountysavingsbank.com

www.mynycb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.74.99.100 (United States) 1 redirects

ASN397213 (ULTRADNS, US)
PTR: crs.ultradns.net

www.rbcbankusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.5.224.115 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-224-115.deploy.static.akamaitechnologies.com

www.rbcbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.rbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.200.148.131 (Washington, United States)

ASN10754 (GOV-FRB-BOG, US)
PTR: www.ffiec.gov

www.ffiec.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:816::2004 (United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.30.191 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.oanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www1.oanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1713 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jigsaw.w3.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.195.240.116 (Germany)

ASN47846 (SEDO-AS, DE)

www.bbvabancomerusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.176.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	554 KB
20	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 ad.doubleclick.net — Cisco Umbrella Rank: 196	151 KB
9	waoline.us waoline.us	97 KB
8	uboc.com 8 redirects www.uboc.com	4 KB
6	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	3 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	68 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	181 KB
4	mynycb.com 2 redirects www.mynycb.com	5 KB
4	popular.com 2 redirects www.popular.com — Cisco Umbrella Rank: 721299	319 B
4	huntington.com 2 redirects www.huntington.com — Cisco Umbrella Rank: 53027	9 KB
4	mtb.com 2 redirects www.mtb.com — Cisco Umbrella Rank: 181848 www3.mtb.com — Cisco Umbrella Rank: 110532	268 B
4	comerica.com 2 redirects www.comerica.com — Cisco Umbrella Rank: 335329	448 B
4	unionbank.com www.unionbank.com — Cisco Umbrella Rank: 189148	589 B
4	bankofthewest.com 2 redirects www.bankofthewest.com — Cisco Umbrella Rank: 163233	3 KB
4	td.com 2 redirects www.td.com — Cisco Umbrella Rank: 52166	59 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	4 KB
3	oanda.com 2 redirects www.oanda.com — Cisco Umbrella Rank: 96251 www1.oanda.com — Cisco Umbrella Rank: 193314	1 KB
3	rbc.com www.rbc.com — Cisco Umbrella Rank: 276552	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	17 KB
2	w3.org 1 redirects jigsaw.w3.org — Cisco Umbrella Rank: 82086	3 KB
2	rbcbank.com 1 redirects www.rbcbank.com — Cisco Umbrella Rank: 530742	251 B
2	synovus.com www.synovus.com — Cisco Umbrella Rank: 325089 Failed	280 B
2	mandtbank.com 2 redirects www.mandtbank.com	446 B
2	bancwestcorp.com 2 redirects www.bancwestcorp.com	2 KB
2	northerntrust.com 1 redirects www.northerntrust.com — Cisco Umbrella Rank: 160246	12 KB
2	key.com 1 redirects www.key.com — Cisco Umbrella Rank: 89829	268 B
2	53.com 1 redirects www.53.com — Cisco Umbrella Rank: 64131	324 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	644 B
1	bbvabancomerusa.com www.bbvabancomerusa.com
1	ffiec.gov www.ffiec.gov — Cisco Umbrella Rank: 203560	14 KB
1	rbcbankusa.com 1 redirects www.rbcbankusa.com	217 B
1	bmoharris.com www.bmoharris.com — Cisco Umbrella Rank: 205996	3 KB
1	harrisbank.com 1 redirects www4.harrisbank.com	267 B
1	mediaroom.com bbt.mediaroom.com	35 B
1	truist.com www.truist.com — Cisco Umbrella Rank: 32711
1	bbt.com 1 redirects www.bbt.com — Cisco Umbrella Rank: 213309	169 B
0	forex-affiliate.net Failed www.forex-affiliate.net Failed
0	assoc-amazon.com Failed www.assoc-amazon.com Failed
0	micorp.com Failed www.micorp.com Failed
0	tdbank.com Failed www.tdbank.com Failed
0	regions.com Failed images.regions.com Failed
126	41

	Domain	Requested by
30	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com waoline.us
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	waoline.us pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	waoline.us	waoline.us
8	www.uboc.com	8 redirects
5	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google.com	4 redirects waoline.us
4	www.mynycb.com	2 redirects waoline.us
4	www.popular.com	2 redirects waoline.us
4	www.huntington.com	2 redirects waoline.us
4	www.comerica.com	2 redirects waoline.us
4	www.unionbank.com	waoline.us
4	www.bankofthewest.com	2 redirects waoline.us
4	www.td.com	2 redirects waoline.us
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.rbc.com	waoline.us
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	waoline.us
2	jigsaw.w3.org	1 redirects waoline.us
2	www.oanda.com	2 redirects
2	www.rbcbank.com	1 redirects waoline.us
2	www.synovus.com	waoline.us
2	www3.mtb.com	waoline.us
2	www.mtb.com	2 redirects
2	www.mandtbank.com	2 redirects
2	www.bancwestcorp.com	2 redirects
2	www.northerntrust.com	1 redirects waoline.us
2	www.key.com	1 redirects waoline.us
2	www.53.com	1 redirects waoline.us
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.bbvabancomerusa.com	waoline.us
1	www1.oanda.com	waoline.us
1	www.ffiec.gov	waoline.us
1	www.rbcbankusa.com	1 redirects
1	www.bmoharris.com	waoline.us
1	www4.harrisbank.com	1 redirects
1	bbt.mediaroom.com	waoline.us
1	www.truist.com	waoline.us
1	www.bbt.com	1 redirects
0	www.forex-affiliate.net Failed	waoline.us
0	www.assoc-amazon.com Failed	waoline.us
0	www.micorp.com Failed	waoline.us
0	www.tdbank.com Failed	waoline.us
0	images.regions.com Failed	waoline.us
126	47

This site contains links to these domains. Also see Links.

Domain
waoline.com
www.bbt.com
www.regions.com
www.tdbanknorth.com
www.53.com
www.key.com
www.harrisbank.com
www.northerntrust.com
www.bancwestcorp.com
www.uboc.com
www.comerica.com
www.mandtbank.com
www.micorp.com
www.bbvabancomerusa.com
www.zionsbancorporation.com
www.huntington.com
www.popular.com
www.synovus.com
www.mynycb.com
www.rbcbankusa.com
www.ffiec.gov
bbt.mediaroom.com
www.td.com
www.federalreserve.gov
www.fdic.gov
www.ncua.gov
www.occ.treas.gov
www.ots.treas.gov
www.amazon.com
www.forex-affiliate.com
dir.yahoo.com
directory.google.com
www.alexa.com
www.microsoft.com
dmoz.org
www.imf.org
www.google.com
www.oanda.com
jigsaw.w3.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://waoline.us/Economy/Bank/BnkUS1.htm
Frame ID: BE8564AEB29A2E884C55E3B9A8E66DDF
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4168648008&adf=1522379081&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184737&bpp=16&bdt=209&idt=2820&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&correlator=2665287346331&frm=20&pv=2&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CanoeEr%7C&abl=NA&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ICxIqhaWMm&p=http%3A//waoline.us&dtd=2843
Frame ID: 0948EE8BC2400B2492BB17233102812D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013200084&adf=1877341230&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184757&bpp=5&bdt=229&idt=2831&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZQpq7Prcd&p=http%3A//waoline.us&dtd=2835
Frame ID: AFF4CE523116D9DEDC265F40322093FD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013490576&adf=1809502869&w=728&format=728x90_as&color_bg=2B54AA&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184770&bpp=4&bdt=242&idt=2825&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=PdnQgqJO76&p=http%3A//waoline.us&dtd=2829
Frame ID: 42539D1C3B3211ECFF963B2DE657FBAF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3124350753&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184869&bpp=6&bdt=341&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1018&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fMIGRdM1E1&p=http%3A//waoline.us&dtd=2736
Frame ID: A695E6BAB659B6EC49E43A758428B312
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736
Frame ID: 36A6A0BEC6C0704D130A9BA1F130C55E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: 3BF5D5DA780D08E051DDD9C7E7CE2F6D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html
Frame ID: 1BC29ABDA491C66B94A208388A5F3ED9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 62B67E1BEAC06026DE96A3CB4B4CF94D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A1A97ECB8A8DABEB5F98E77DC4A85F25
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 39D7ABE5A576F9D9561FB115C8DF2D5B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0E00888C3F30727C039C3EB90D2F2F47
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: 41257BB3BD3F82BB5D48D7456AAE706B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: 22704132A12F7F74B560331182E42B2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Largest US and International Bank companies

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

126
Requests

57 %
HTTPS

37 %
IPv6

41
Domains

47
Subdomains

33
IPs

4
Countries

1187 kB
Transfer

2527 kB
Size

15
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: http://waoline.com/

Search URL Search Domain Scan URL

URL: http://www.bbt.com/
Title: BB&T Corporation

Search URL Search Domain Scan URL

URL: http://www.regions.com/
Title: Regions Financial Corporation

Search URL Search Domain Scan URL

URL: http://www.tdbanknorth.com/
Title: TD Banknorth

Search URL Search Domain Scan URL

URL: http://www.53.com/
Title: Fifth Third Bankcorp

Search URL Search Domain Scan URL

URL: http://www.key.com/
Title: KeyBank

Search URL Search Domain Scan URL

URL: http://www.harrisbank.com/
Title: The Harris Bank N.A.

Search URL Search Domain Scan URL

URL: http://www.northerntrust.com/
Title: Northern Trust Corporation

Search URL Search Domain Scan URL

URL: http://www.bancwestcorp.com/
Title: BancWest Corporation

Search URL Search Domain Scan URL

URL: http://www.uboc.com/
Title: Union Bank of California

Search URL Search Domain Scan URL

URL: http://www.comerica.com/
Title: Comerica Bank

Search URL Search Domain Scan URL

URL: http://www.mandtbank.com/
Title: M&T Bank

Search URL Search Domain Scan URL

URL: http://www.micorp.com/
Title: Marshall & Ilsley Corporation

Search URL Search Domain Scan URL

URL: http://www.bbvabancomerusa.com/
Title: BBVA USA Bancshares, Inc.

Search URL Search Domain Scan URL

URL: http://www.zionsbancorporation.com/
Title: Zions Bancorporation

Search URL Search Domain Scan URL

URL: http://www.huntington.com/
Title: The Huntington National Bank

Search URL Search Domain Scan URL

URL: http://www.popular.com/
Title: Popular, Inc.

Search URL Search Domain Scan URL

URL: http://www.synovus.com/
Title: Synovus Financial Corp.

Search URL Search Domain Scan URL

URL: http://www.mynycb.com/
Title: New York Community Bank

Search URL Search Domain Scan URL

URL: http://www.rbcbankusa.com/
Title: RBC Bank (USA)

Search URL Search Domain Scan URL

URL: http://www.ffiec.gov/
Title: Fed. Financial Instit. Exam.

Search URL Search Domain Scan URL

URL: http://bbt.mediaroom.com/index.php
Title: more

Search URL Search Domain Scan URL

URL: http://www.regions.com/about_regions/company_info.rf
Title: more

Search URL Search Domain Scan URL

URL: http://www.td.com/

Search URL Search Domain Scan URL

URL: http://www.tdbanknorth.com/bank/about_us.html
Title: more

Search URL Search Domain Scan URL

URL: http://www.mandtbank.com/about/who.cfm
Title: more

Search URL Search Domain Scan URL

URL: http://www.bbvabancomerusa.com/AboutUs.aspx
Title: more

Search URL Search Domain Scan URL

URL: http://www.popular.com/pr/about/
Title: more

Search URL Search Domain Scan URL

URL: http://www.federalreserve.gov/
Title: (FRB)

Search URL Search Domain Scan URL

URL: http://www.fdic.gov/
Title: (FDIC)

Search URL Search Domain Scan URL

URL: http://www.ncua.gov/
Title: (NCUA)

Search URL Search Domain Scan URL

URL: http://www.occ.treas.gov/
Title: (OCC)

Search URL Search Domain Scan URL

URL: http://www.ots.treas.gov/
Title: (OTS)

Search URL Search Domain Scan URL

URL: http://www.amazon.com/exec/obidos/redirect?link_code=ur2&camp=1789&tag=waoline-20&creative=9325&path=external-search%3Fsearch-type=ss%26keyword=finance%26index=books
Title: Finances

Search URL Search Domain Scan URL

URL: http://www.amazon.com/exec/obidos/redirect?link_code=ur2&camp=1789&tag=waoline-20&creative=9325&path=external-search%3Fsearch-type=ss%26keyword=stock%20exchange%20%26index=books
Title: The stock exchange

Search URL Search Domain Scan URL

URL: http://www.amazon.com/exec/obidos/redirect?link_code=ur2&camp=1789&tag=waoline-20&creative=9325&path=external-search%3Fsearch-type=ss%26keyword=Stock%20%26%20Fund%20Tool%20Kit%26index=software
Title: Stock & Fund Tool Kit

Search URL Search Domain Scan URL

URL: http://www.forex-affiliate.com/main.aspx?ref=22060&bid=144

Search URL Search Domain Scan URL

URL: http://dir.yahoo.com/Business_and_Economy/Shopping_and_Services/Financial_Services/Banking/Banks/
Title: Banks

Search URL Search Domain Scan URL

URL: http://dir.yahoo.com/business_and_economy/Finance_and_Investment/
Title: Finance and Investment

Search URL Search Domain Scan URL

URL: http://dir.yahoo.com/computers_and_internet/internet/world_wide_web/weblogs/Business_and_Finance/
Title: Finance Weblogs

Search URL Search Domain Scan URL

URL: http://directory.google.com/Top/Business/Financial_Services/
Title: Financial Services

Search URL Search Domain Scan URL

URL: http://directory.google.com/Top/Business/Financial_Services/Banking_Services/Banks_and_Institutions/
Title: Banks and Institutions

Search URL Search Domain Scan URL

URL: http://directory.google.com/Top/Business/Investing/Money_Managers/
Title: Money Managers

Search URL Search Domain Scan URL

URL: http://www.alexa.com/browse?&CategoryID=3
Title: Business

Search URL Search Domain Scan URL

URL: http://www.alexa.com/browse?&CategoryID=81
Title: Financial Services

Search URL Search Domain Scan URL

URL: http://www.microsoft.com/smallbusiness/default.mspx
Title: business and economy

Search URL Search Domain Scan URL

URL: http://dmoz.org/Business/Financial_Services/
Title: Financial Services

Search URL Search Domain Scan URL

URL: http://dmoz.org/Business/Financial_Services/Investment_Services/
Title: Investment Services

Search URL Search Domain Scan URL

URL: http://www.imf.org/
Title: International Monetary Fund

Search URL Search Domain Scan URL

URL: http://www.google.com/

Search URL Search Domain Scan URL

URL: http://www.oanda.com/

Search URL Search Domain Scan URL

URL: http://jigsaw.w3.org/css-validator/check/referer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.bbt.com/bbt/images/globalnav/bbt-logo-top.gif HTTP 301
https://www.truist.com/

Request Chain 10

http://www.td.com/images/n1_TDBFGLogo.gif HTTP 301
https://www.td.com/images/n1_TDBFGLogo.gif

Request Chain 11

http://www.tdbanknorth.com/exc/img/logo_tdbanknorth.gif HTTP 301
https://www.tdbank.com/

Request Chain 12

http://www.td.com/images/homepage.jpg HTTP 301
https://www.td.com/images/homepage.jpg

Request Chain 13

http://www.53.com/images/common/hp_top_logo_01.gif HTTP 301
https://www.53.com/images/common/hp_top_logo_01.gif

Request Chain 14

http://www.key.com/images/KeyBank_logo120.gif HTTP 301
https://www.key.com/images/KeyBank_logo120.gif

Request Chain 15

http://www4.harrisbank.com/vgn/images/HarrisLogoReg.gif HTTP 301
https://www.bmoharris.com/vgn/images/HarrisLogoReg.gif

Request Chain 16

http://www.northerntrust.com/images/NortherntrustLogo.jpg HTTP 301
https://www.northerntrust.com/images/NortherntrustLogo.jpg

Request Chain 17

http://www.bancwestcorp.com/Common/Images/bankWest_logo.jpg HTTP 301
https://www.bankofthewest.com/bancwestcorp.htm HTTP 301
https://www.bankofthewest.com/

Request Chain 18

http://www.uboc.com/Images/home_ub_logo_tcm9-2640.gif HTTP 302
https://www.uboc.com/Images/home_ub_logo_tcm9-2640.gif HTTP 301
https://www.unionbank.com/Images/home_ub_logo_tcm9-2640.gif

Request Chain 19

http://www.uboc.com/Images/segment_about_q4-08_tcm9-17039.jpg HTTP 302
https://www.uboc.com/Images/segment_about_q4-08_tcm9-17039.jpg HTTP 301
https://www.unionbank.com/Images/segment_about_q4-08_tcm9-17039.jpg

Request Chain 20

http://www.uboc.com/Images/13107art_business_wlkng_tcm9-333.jpg HTTP 302
https://www.uboc.com/Images/13107art_business_wlkng_tcm9-333.jpg HTTP 301
https://www.unionbank.com/Images/13107art_business_wlkng_tcm9-333.jpg

Request Chain 21

http://www.uboc.com/Images/12973art_man_woman_tcm9-290.jpg HTTP 302
https://www.uboc.com/Images/12973art_man_woman_tcm9-290.jpg HTTP 301
https://www.unionbank.com/Images/12973art_man_woman_tcm9-290.jpg

Request Chain 22

http://www.comerica.com/vgn-ext-templating/com_pub/images/global/header_logo.jpg HTTP 301
https://www.comerica.com/vgn-ext-templating/com_pub/images/global/header_logo.jpg

Request Chain 23

http://www.mandtbank.com/images/banner_main-uwi.gif HTTP 301
https://www.mtb.com/home-page HTTP 301
https://www3.mtb.com/home-page

Request Chain 24

http://www.mandtbank.com/images/about/about_side.jpg HTTP 301
https://www.mtb.com/home-page HTTP 301
https://www3.mtb.com/home-page

Request Chain 28

http://www.huntington.com/images/layout/huntington_logo.gif HTTP 301
https://www.huntington.com/images/layout/huntington_logo.gif

Request Chain 29

http://www.huntington.com/rximages/OverviewImages/Business6Lg.jpg HTTP 301
https://www.huntington.com/rximages/OverviewImages/Business6Lg.jpg

Request Chain 30

http://www.popular.com/pr/shared/bpprlogo.jpg HTTP 301
https://www.popular.com/pr/shared/bpprlogo.jpg

Request Chain 31

http://www.popular.com/pr/corp/img/header/pr-cor-home-header.jpg HTTP 301
https://www.popular.com/pr/corp/img/header/pr-cor-home-header.jpg

Request Chain 32

http://www.synovus.com/includes/images/logo.gif HTTP 301
https://www.synovus.com/includes/images/logo.gif

Request Chain 33

http://www.synovus.com/master/images/page_pics/680/ir1.jpg HTTP 301
https://www.synovus.com/master/images/page_pics/680/ir1.jpg

Request Chain 34

http://www.mynycb.com/images/logo1.gif HTTP 301
https://www.mynycb.com/images/logo1.gif

Request Chain 35

http://www.rbcbankusa.com/file-153031.gif HTTP 301
http://www.rbcbank.com/ HTTP 302
https://www.rbcbank.com/

Request Chain 39

http://www.ffiec.gov/img/header5.gif HTTP 307
https://www.ffiec.gov/img/header5.gif

Request Chain 44

http://www.oanda.com/site/logos/currency-oanda-bg-113x60.gif HTTP 302
https://www.oanda.com/site/logos/currency-oanda-bg-113x60.gif HTTP 302
https://www1.oanda.com/site/logos/currency-oanda-bg-113x60.gif

Request Chain 45

http://jigsaw.w3.org/css-validator/images/vcss-blue HTTP 301
https://jigsaw.w3.org/css-validator/images/vcss-blue

Request Chain 46

http://www.bancwestcorp.com/Common/Images/bear_in_palms.jpg HTTP 301
https://www.bankofthewest.com/bancwestcorp.htm HTTP 301
https://www.bankofthewest.com/

Request Chain 47

http://www.comerica.com/Comerica_Content/About_Comerica/about_header.jpg HTTP 301
https://www.comerica.com/Comerica_Content/About_Comerica/about_header.jpg

Request Chain 49

http://www.mynycb.com/images/div1.jpg HTTP 301
https://www.mynycb.com/images/div1.jpg

Request Chain 51

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 52

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=291832453&utmhn=waoline.us&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Largest%20US%20and%20International%20Bank%20companies&utmhid=2066265707&utmr=-&utmp=%2FEconomy%2FBank%2FBnkUS1.htm&utmht=1649341184866&utmac=UA-2145426-1&utmcc=__utma%3D44753570.1173055836.1649341185.1649341185.1649341185.1%3B%2B__utmz%3D44753570.1649341185.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=685470769&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=291832453&utmhn=waoline.us&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Largest%20US%20and%20International%20Bank%20companies&utmhid=2066265707&utmr=-&utmp=%2FEconomy%2FBank%2FBnkUS1.htm&utmht=1649341184866&utmac=UA-2145426-1&utmcc=__utma%3D44753570.1173055836.1649341185.1649341185.1649341185.1%3B%2B__utmz%3D44753570.1649341185.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=685470769&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 86

https://ad.doubleclick.net/ddm/trackimp/N30602.134426GOOGLEDISPLAYNETW7/B27121055.326258717;dc_trk_aid=518448069;dc_trk_cid=165273846;ord=1873194620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N30602.134426GOOGLEDISPLAYNETW7/B27121055.326258717;dc_pre=CPrDn92SgvcCFU6iswodM2MLYw;dc_trk_aid=518448069;dc_trk_cid=165273846;ord=1873194620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

126 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request BnkUS1.htm Show response
waoline.us/Economy/Bank/ 84 KB
84 KB 245ms
58ms Document
text/html 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 95d1eb8be6ebc3babe7a29a00c91370742376b492aac1fbbaa931b63d67cea3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 85547
Content-Type: text/html
Date: Thu, 07 Apr 2022 14:19:44 GMT
Etag: "14e2b-515711583cc00"
Expires: Thu, 07 Apr 2022 15:19:44 GMT
Last-Modified: Wed, 06 May 2015 22:12:00 GMT
Server: Apache/2

GET
H/1.1 200
OK montre.js Show response
waoline.us/Js-Css/ 282 B
614 B 64ms
36ms Script
application/x-javascript 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: http://waoline.us/Js-Css/montre.js
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 278ea2ae13fb742cc6b52c093e4bc2602dabdee666c5985c331c6fe213c04da8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/Economy/Bank/BnkUS1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Last-Modified: Fri, 06 May 2016 21:55:00 GMT
Server: Apache/2
Age: 0
Etag: "11a-5323382a31500"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 282
Expires: Thu, 07 Apr 2022 18:19:44 GMT

GET
H/1.1 200
OK openmenu.js Show response
waoline.us/Js-Css/ 283 B
615 B 61ms
33ms Script
application/x-javascript 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: http://waoline.us/Js-Css/openmenu.js
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: fb51b0ccfaac28343968c94b4f4f4975a5083a901233d14631e85c0fb58e4294

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/Economy/Bank/BnkUS1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Last-Modified: Fri, 06 May 2016 21:55:00 GMT
Server: Apache/2
Age: 0
Etag: "11b-5323382a31500"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283
Expires: Thu, 07 Apr 2022 18:19:44 GMT

GET
H/1.1 200
OK opensousmenu.js Show response
waoline.us/Js-Css/ 294 B
626 B 90ms
33ms Script
application/x-javascript 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: http://waoline.us/Js-Css/opensousmenu.js
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: aca8c318ef8cc6255e80abd0bbb22441dc5550ba3f49f9820a567b3519bae764

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/Economy/Bank/BnkUS1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Last-Modified: Fri, 06 May 2016 21:55:00 GMT
Server: Apache/2
Age: 0
Etag: "126-5323382a31500"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 294
Expires: Thu, 07 Apr 2022 18:19:44 GMT

GET
H/1.1 200
OK waoline.css
waoline.us/Js-Css/ 4 KB
5 KB 66ms
38ms Stylesheet
text/css 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: http://waoline.us/Js-Css/waoline.css
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ac0aa452f0efdb23b78bbcc0fec92f50c545dff974a0ff911c89852140867fd9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/Economy/Bank/BnkUS1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Last-Modified: Fri, 06 May 2016 21:55:00 GMT
Server: Apache/2
Age: 0
Etag: "10f2-5323382a31500"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4338
Expires: Thu, 07 Apr 2022 18:19:44 GMT

GET
H/1.1 200
OK google.css
waoline.us/Js-Css/ 180 B
495 B 77ms
49ms Stylesheet
text/css 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: http://waoline.us/Js-Css/google.css
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 4c7ba5fc406b31aa3740de75b3e7ba948d7ae7520bdf0ae3a465af8f20c572f0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/Economy/Bank/BnkUS1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Last-Modified: Fri, 06 May 2016 21:55:00 GMT
Server: Apache/2
Age: 0
Etag: "b4-5323382a31500"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 180
Expires: Thu, 07 Apr 2022 18:19:44 GMT

GET
H/1.1 200
OK LogoWaoline-US-1-175x34Transparent.gif
waoline.us/images/ 3 KB
4 KB 34ms
34ms Image
image/gif 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://waoline.us/images/LogoWaoline-US-1-175x34Transparent.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: e3cb3a64a222f0b499d7b8190361eb1e3bd2f6679b5a5cc73eb2997ffbc25d32

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/Economy/Bank/BnkUS1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Last-Modified: Fri, 06 May 2016 21:57:00 GMT
Server: Apache/2
Age: 0
Etag: "cf7-5323389ca2300"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3319
Expires: Thu, 07 Apr 2022 18:19:44 GMT

GET
H/1.1 200
OK LogoWaoline-Com-3-175x34Transparent.gif
waoline.us/images/ 2 KB
2 KB 34ms
33ms Image
image/gif 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://waoline.us/images/LogoWaoline-Com-3-175x34Transparent.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 3e257c8353bd751b10739f1191cec7de437b102131f274e0bab4b32c12ae943b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/Economy/Bank/BnkUS1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Last-Modified: Fri, 06 May 2016 21:57:00 GMT
Server: Apache/2
Age: 0
Etag: "831-5323389ca2300"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2097
Expires: Thu, 07 Apr 2022 18:19:44 GMT

GET
H2

200

/
www.truist.com/
Redirect Chain

http://www.bbt.com/bbt/images/globalnav/bbt-logo-top.gif
https://www.truist.com/

0
0

121ms
24ms

Image
text/html

2600:9000:21da:c000:e:eafc:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.truist.com/
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 2600:9000:21da:c000:e:eafc:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.truist.com
Date: Thu, 07 Apr 2022 14:19:44 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK image.php
bbt.mediaroom.com/ 35 B
35 B 121ms
84ms Image
text/html 2606:4700::6811:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bbt.mediaroom.com/image.php?id=63
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 2606:4700::6811:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: public, no-cache
Connection: keep-alive
CF-RAY: 6f8366645b7932e4-EWR

GET img1.jpg
images.regions.com/virtualMedia/ 0
0

GET
H2

404

n1_TDBFGLogo.gif
www.td.com/images/
Redirect Chain

http://www.td.com/images/n1_TDBFGLogo.gif
https://www.td.com/images/n1_TDBFGLogo.gif

0
0

346ms
198ms

Image
text/html

192.229.162.193
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.td.com/images/n1_TDBFGLogo.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 192.229.162.193 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.td.com/images/n1_TDBFGLogo.gif
Date: Thu, 07 Apr 2022 14:19:44 GMT
x-tdec-version: 9.23
Server: ECD (nya/78BA)
Content-Length: 0

GET

/
www.tdbank.com/
Redirect Chain

http://www.tdbanknorth.com/exc/img/logo_tdbanknorth.gif
https://www.tdbank.com/

0
0

GET
H2

200

homepage.jpg
www.td.com/images/
Redirect Chain

http://www.td.com/images/homepage.jpg
https://www.td.com/images/homepage.jpg

59 KB
59 KB

178ms
31ms

Image
image/jpeg

192.229.162.193
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.td.com/images/homepage.jpg

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

Server

192.229.162.193 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/78BB) / Servlet/3.0

Resource Hash

72d59eb6b58d4f8d1edede254f755e7e124548bfc46468beb94293fc8e2688c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:44 GMT
last-modified: Wed, 09 Mar 2016 20:45:19 GMT
server: ECD (nya/78BB)
age: 486266
x-powered-by: Servlet/3.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-language: en-US
x-tdec-version: 9.23
accept-ranges: bytes
content-type: image/jpeg
content-length: 60098

Redirect headers

Location: https://www.td.com/images/homepage.jpg
Date: Thu, 07 Apr 2022 14:19:44 GMT
x-tdec-version: 9.23
Server: ECD (nya/78BB)
Content-Length: 0

GET
H/1.1

404
Not Found

hp_top_logo_01.gif
www.53.com/images/common/
Redirect Chain

http://www.53.com/images/common/hp_top_logo_01.gif
https://www.53.com/images/common/hp_top_logo_01.gif

0
0

176ms
83ms

Image
text/html

23.78.161.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.53.com/images/common/hp_top_logo_01.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 23.78.161.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-78-161-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.53.com/images/common/hp_top_logo_01.gif
Date: Thu, 07 Apr 2022 14:19:44 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2

200

KeyBank_logo120.gif
www.key.com/images/
Redirect Chain

http://www.key.com/images/KeyBank_logo120.gif
https://www.key.com/images/KeyBank_logo120.gif

0
0

1028ms
879ms

Image
text/html

184.50.213.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.key.com/images/KeyBank_logo120.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 184.50.213.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-50-213-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.key.com/images/KeyBank_logo120.gif
Date: Thu, 07 Apr 2022 14:19:44 GMT
Cache-Control: private, max-age=0
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Thu, 07 Apr 2022 14:19:44 GMT

GET
H2

200

HarrisLogoReg.gif
www.bmoharris.com/vgn/images/
Redirect Chain

http://www4.harrisbank.com/vgn/images/HarrisLogoReg.gif
https://www.bmoharris.com/vgn/images/HarrisLogoReg.gif

2 KB
3 KB

28608ms
23441ms

Image
image/gif

23.3.126.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bmoharris.com/vgn/images/HarrisLogoReg.gif

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

Server

23.3.126.173 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-126-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

76eb1c65f1036afefce4409720aa2b808d7c827daaf5163e2c3d5f672503253c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:50 GMT
x-bmo-correlation_request_id: BMOH::W3::35cc26de20c28ab71bfbcd394e24d5cede752d2c::c85AZqwcOrAAABdHLa0AAAAZ
last-modified: Tue, 09 Oct 2012 15:17:45 GMT
x-ihs-timer: D=1943 t=1632025090867302
content-type: image/gif
cache-control: must-revalidate, max-age=600
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000 ; preload
accept-ranges: none
content-length: 2350
expires: Thu, 07 Apr 2022 14:29:50 GMT

Redirect headers

Location: https://www.bmoharris.com/vgn/images/HarrisLogoReg.gif
Date: Thu, 07 Apr 2022 14:19:44 GMT
Cache-Control: max-age=0
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Thu, 07 Apr 2022 14:19:44 GMT

GET
H2

200

NortherntrustLogo.jpg
www.northerntrust.com/images/
Redirect Chain

http://www.northerntrust.com/images/NortherntrustLogo.jpg
https://www.northerntrust.com/images/NortherntrustLogo.jpg

11 KB
12 KB

186ms
105ms

Image
image/jpeg

23.3.125.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northerntrust.com/images/NortherntrustLogo.jpg

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

Server

23.3.125.17 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-125-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

0e4b14ce24fe23e980beedc93ae760842b7626f57a481f0dc1c4ff9683b53ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 29
date: Thu, 07 Apr 2022 14:19:44 GMT
x-serverid: NPCD-5.28
last-modified: Fri, 21 Sep 2007 14:00:57 GMT
x-edgeconnect-midmile-rtt: 19
etag: "57c652-2da6-b32e1840"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
server-timing: cdn-cache; desc=MISS, edge; dur=52, origin; dur=29
accept-ranges: bytes
content-length: 11686
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.northerntrust.com/images/NortherntrustLogo.jpg
Date: Thu, 07 Apr 2022 14:19:44 GMT
Connection: keep-alive
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT, edge; dur=1
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2

200

/
www.bankofthewest.com/
Redirect Chain

http://www.bancwestcorp.com/Common/Images/bankWest_logo.jpg
https://www.bankofthewest.com/bancwestcorp.htm
https://www.bankofthewest.com/

0
0

339ms
339ms

Image
text/html

23.217.42.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankofthewest.com/
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 23.217.42.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-42-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

x-edgeconnect-origin-mex-latency: 73
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 21
date: Thu, 07 Apr 2022 14:19:45 GMT
location: /
cache-control: private
x-server: BOTW-PROD-CD1
server-timing: dtSInfo;desc="0", dtRpid;desc="53761027"
content-length: 0
expires: -1

GET
H2

404

home_ub_logo_tcm9-2640.gif
www.unionbank.com/Images/
Redirect Chain

http://www.uboc.com/Images/home_ub_logo_tcm9-2640.gif
https://www.uboc.com/Images/home_ub_logo_tcm9-2640.gif
https://www.unionbank.com/Images/home_ub_logo_tcm9-2640.gif

43 B
97 B

453ms
326ms

Image
image/gif

2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unionbank.com/Images/home_ub_logo_tcm9-2640.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:46 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=60
cf-ray: 6f83666befc21a0f-EWR
expires: Thu, 07 Apr 2022 14:20:46 GMT

Redirect headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Server: Apache
Date: Thu, 07 Apr 2022 14:19:45 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://www.unionbank.com/Images/home_ub_logo_tcm9-2640.gif
Server-Timing: dtRpid;desc="-1323428022"
Connection: Keep-Alive
Keep-Alive: timeout=90, max=100
Content-Length: 267

GET
H2

404

segment_about_q4-08_tcm9-17039.jpg
www.unionbank.com/Images/
Redirect Chain

http://www.uboc.com/Images/segment_about_q4-08_tcm9-17039.jpg
https://www.uboc.com/Images/segment_about_q4-08_tcm9-17039.jpg
https://www.unionbank.com/Images/segment_about_q4-08_tcm9-17039.jpg

43 B
98 B

411ms
327ms

Image
image/gif

2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unionbank.com/Images/segment_about_q4-08_tcm9-17039.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:46 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=60
cf-ray: 6f83666befc31a0f-EWR
expires: Thu, 07 Apr 2022 14:20:46 GMT

Redirect headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Server: Apache
Date: Thu, 07 Apr 2022 14:19:45 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://www.unionbank.com/Images/segment_about_q4-08_tcm9-17039.jpg
Server-Timing: dtRpid;desc="1295315518"
Connection: Keep-Alive
Keep-Alive: timeout=90, max=100
Content-Length: 275

GET
H2

404

13107art_business_wlkng_tcm9-333.jpg
www.unionbank.com/Images/
Redirect Chain

http://www.uboc.com/Images/13107art_business_wlkng_tcm9-333.jpg
https://www.uboc.com/Images/13107art_business_wlkng_tcm9-333.jpg
https://www.unionbank.com/Images/13107art_business_wlkng_tcm9-333.jpg

43 B
296 B

374ms
326ms

Image
image/gif

2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unionbank.com/Images/13107art_business_wlkng_tcm9-333.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:46 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=60
cf-ray: 6f83666befc51a0f-EWR
expires: Thu, 07 Apr 2022 14:20:46 GMT

Redirect headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Server: Apache
Date: Thu, 07 Apr 2022 14:19:45 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://www.unionbank.com/Images/13107art_business_wlkng_tcm9-333.jpg
Server-Timing: dtRpid;desc="-1431311943"
Connection: Keep-Alive
Keep-Alive: timeout=90, max=99
Content-Length: 277

GET
H2

404

12973art_man_woman_tcm9-290.jpg
www.unionbank.com/Images/
Redirect Chain

http://www.uboc.com/Images/12973art_man_woman_tcm9-290.jpg
https://www.uboc.com/Images/12973art_man_woman_tcm9-290.jpg
https://www.unionbank.com/Images/12973art_man_woman_tcm9-290.jpg

43 B
98 B

333ms
327ms

Image
image/gif

2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unionbank.com/Images/12973art_man_woman_tcm9-290.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:46 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=60
cf-ray: 6f83666befc71a0f-EWR
expires: Thu, 07 Apr 2022 14:20:46 GMT

Redirect headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Server: Apache
Date: Thu, 07 Apr 2022 14:19:45 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://www.unionbank.com/Images/12973art_man_woman_tcm9-290.jpg
Server-Timing: dtRpid;desc="-1779124851"
Connection: Keep-Alive
Keep-Alive: timeout=90, max=99
Content-Length: 272

GET
H/1.1

404
Not Found

header_logo.jpg
www.comerica.com/vgn-ext-templating/com_pub/images/global/
Redirect Chain

http://www.comerica.com/vgn-ext-templating/com_pub/images/global/header_logo.jpg
https://www.comerica.com/vgn-ext-templating/com_pub/images/global/header_logo.jpg

0
0

418ms
151ms

Image
text/html

184.85.197.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.comerica.com/vgn-ext-templating/com_pub/images/global/header_logo.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 184.85.197.233 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-197-233.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.comerica.com/vgn-ext-templating/com_pub/images/global/header_logo.jpg
Date: Thu, 07 Apr 2022 14:19:45 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2

200

home-page
www3.mtb.com/
Redirect Chain

http://www.mandtbank.com/images/banner_main-uwi.gif
https://www.mtb.com/home-page
https://www3.mtb.com/home-page

0
0

148ms
25ms

Image
text/html

2600:9000:21ea:4a00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www3.mtb.com/home-page
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 2600:9000:21ea:4a00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www3.mtb.com/home-page
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

200

home-page
www3.mtb.com/
Redirect Chain

http://www.mandtbank.com/images/about/about_side.jpg
https://www.mtb.com/home-page
https://www3.mtb.com/home-page

0
0

121ms
46ms

Image
text/html

2600:9000:21ea:4a00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www3.mtb.com/home-page
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 2600:9000:21ea:4a00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www3.mtb.com/home-page
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET MIlogo1.gif
www.micorp.com/mibanknew/images/ 0
0

GET pic_micorpbanner.jpg
www.micorp.com/mibank/images/ 0
0

GET
H/1.1 200
OK spacer.gif
waoline.us/images/ 43 B
358 B 33ms
32ms Image
image/gif 66.96.130.45
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://waoline.us/images/spacer.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 66.96.130.45 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 45.130.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/Economy/Bank/BnkUS1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:46 GMT
Last-Modified: Fri, 06 May 2016 21:57:00 GMT
Server: Apache/2
Age: 0
Etag: "2b-5323389ca2300"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 07 Apr 2022 18:19:46 GMT

GET
H2

200

huntington_logo.gif
www.huntington.com/images/layout/
Redirect Chain

http://www.huntington.com/images/layout/huntington_logo.gif
https://www.huntington.com/images/layout/huntington_logo.gif

886 B
1 KB

194ms
76ms

Image
image/webp

184.51.149.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.huntington.com/images/layout/huntington_logo.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 184.51.149.80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-80.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9afe5007ab31a0edb7567beb8d45c198c678d364973cb7bbb62eb12700519401

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:46 GMT
last-modified: Wed, 06 Apr 2022 06:00:27 GMT
server: Akamai Image Manager
etag: "c1e-59e1d9d58fbc3"
content-type: image/webp
cache-control: private, no-transform, max-age=488502
content-length: 886
expires: Wed, 13 Apr 2022 06:01:28 GMT

Redirect headers

Location: https://www.huntington.com/images/layout/huntington_logo.gif
Date: Thu, 07 Apr 2022 14:19:46 GMT
Cache-Control: private, max-age=0
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Thu, 07 Apr 2022 14:19:46 GMT

GET
H2

200

Business6Lg.jpg
www.huntington.com/rximages/OverviewImages/
Redirect Chain

http://www.huntington.com/rximages/OverviewImages/Business6Lg.jpg
https://www.huntington.com/rximages/OverviewImages/Business6Lg.jpg

7 KB
7 KB

197ms
78ms

Image
image/webp

184.51.149.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.huntington.com/rximages/OverviewImages/Business6Lg.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 184.51.149.80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-80.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 57a7c3df81d910dd83492dbf82f30babfe2f5f96f1ddaba824e318fd837f8694

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:46 GMT
last-modified: Wed, 06 Apr 2022 06:00:27 GMT
server: Akamai Image Manager
etag: "2bcd-59e1d9d418067"
content-type: image/webp
cache-control: private, no-transform, max-age=488496
content-length: 6950
expires: Wed, 13 Apr 2022 06:01:22 GMT

Redirect headers

Location: https://www.huntington.com/rximages/OverviewImages/Business6Lg.jpg
Date: Thu, 07 Apr 2022 14:19:46 GMT
Cache-Control: private, max-age=0
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Thu, 07 Apr 2022 14:19:46 GMT

GET
H/1.1

404
Not Found

bpprlogo.jpg
www.popular.com/pr/shared/
Redirect Chain

http://www.popular.com/pr/shared/bpprlogo.jpg
https://www.popular.com/pr/shared/bpprlogo.jpg

0
0

530ms
250ms

Image
text/html

64.178.214.50
EVERTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.popular.com/pr/shared/bpprlogo.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 64.178.214.50 Carolina, Puerto Rico, ASN14920 (EVERTEC, PR),
Reverse DNS: www.popularweb.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.popular.com/pr/shared/bpprlogo.jpg
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1

404
Not Found

pr-cor-home-header.jpg
www.popular.com/pr/corp/img/header/
Redirect Chain

http://www.popular.com/pr/corp/img/header/pr-cor-home-header.jpg
https://www.popular.com/pr/corp/img/header/pr-cor-home-header.jpg

0
0

805ms
330ms

Image
text/html

64.178.214.50
EVERTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.popular.com/pr/corp/img/header/pr-cor-home-header.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 64.178.214.50 Carolina, Puerto Rico, ASN14920 (EVERTEC, PR),
Reverse DNS: www.popularweb.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.popular.com/pr/corp/img/header/pr-cor-home-header.jpg
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET

logo.gif
www.synovus.com/includes/images/
Redirect Chain

http://www.synovus.com/includes/images/logo.gif
https://www.synovus.com/includes/images/logo.gif

0
0

GET
H/1.1

404
Not Found

ir1.jpg
www.synovus.com/master/images/page_pics/680/
Redirect Chain

http://www.synovus.com/master/images/page_pics/680/ir1.jpg
https://www.synovus.com/master/images/page_pics/680/ir1.jpg

0
0

520ms
395ms

Image
text/html

104.106.249.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.synovus.com/master/images/page_pics/680/ir1.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 104.106.249.128 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-106-249-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.synovus.com/master/images/page_pics/680/ir1.jpg
Date: Thu, 07 Apr 2022 14:19:46 GMT
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Expires: Thu, 07 Apr 2022 14:19:46 GMT

GET
H2

404

logo1.gif
www.mynycb.com/images/
Redirect Chain

http://www.mynycb.com/images/logo1.gif
https://www.mynycb.com/images/logo1.gif

0
0

185ms
91ms

Image
text/html

208.71.55.51
NYCB-NEW-YORK-COM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mynycb.com/images/logo1.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 208.71.55.51 , United States, ASN30572 (NYCB-NEW-YORK-COMMUNITY-BANCORP-INC, US),
Reverse DNS: queenscountysavingsbank.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Content-Security-Policy: default-src 'none'; connect-src 'self' https://apps.mynycb.com https://www.googletagmanager.com http://www.googleadservices.com http://www.google-analytics.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com; font-src 'self' https://apps.mynycb.com https://fonts.googleapis.com https://fonts.gstatic.com; media-src 'self' https://www.onlinebanktours.com; object-src 'self'; form-action 'self' https://onlinebanking.mynycb.com https://nycb.olbanking.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apps.mynycb.com https://www.googletagmanager.com https://maps.googleapis.com https://polyfill.io http://www.googleadservices.com http://www.google-analytics.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com; style-src 'self' 'unsafe-inline' https://apps.mynycb.com https://www.googletagmanager.com http://www.googleadservices.com http://www.google-analytics.com https://fonts.googleapis.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com; frame-src http://www.onlinebanktours.com; frame-ancestors 'self' https://www.googletagmanager.com http://www.googleadservices.com http://www.google-analytics.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com https://cdn.oectours.com; img-src 'self' data: https://apps.mynycb.com https://www.googletagmanager.com http://www.googletagmanager.com/ http://www.googleadservices.com http://www.google-analytics.com https://developers.google.com https://maps.googleapis.com https://maps.gstatic.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com https://cdn.oectours.com; child-src 'self' https://www.googletagmanager.com http://www.googleadservices.com http://www.google-analytics.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com https://cdn.oectours.com;
Referrer-Policy: same-origin
Date: Thu, 07 Apr 2022 14:19:46 GMT
X-Frame-Options: DENY
Content-Type: text/html; charset=UTF-8
Location: https://www.mynycb.com/images/logo1.gif
X-Xss-Protection: 1
Content-Length: 162
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=edge

GET
H2

200

/
www.rbcbank.com/
Redirect Chain

http://www.rbcbankusa.com/file-153031.gif
http://www.rbcbank.com/
https://www.rbcbank.com/

0
0

127ms
65ms

Image
text/html

23.5.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbcbank.com/
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 23.5.224.115 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-224-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.rbcbank.com/
Date: Thu, 07 Apr 2022 14:19:47 GMT
Connection: keep-alive
X-EdgeConnect-Cache-Status: 3
Content-Length: 208
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Beijing-branch-sm.jpg
www.rbc.com/newsroom/pictures/ 4 KB
4 KB 254ms
80ms Image
image/jpeg 23.5.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.rbc.com/newsroom/pictures/Beijing-branch-sm.jpg

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

HTTP/1.1

Server

23.5.224.115 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-5-224-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

7b983d3d871dec3cc18bf099fad8fddf3eacd6fd4d6ff8afad37871a5460340e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:47 GMT
Last-Modified: Fri, 24 Feb 2006 15:56:49 GMT
ETag: "40d8c68a3f240"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3687
Expires: Mon, 04 Apr 2022 01:24:31 GMT

GET
H/1.1 200
OK NorthTowerSignage-sm.jpg
www.rbc.com/newsroom/pictures/ 5 KB
5 KB 118ms
98ms Image
image/jpeg 23.5.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.rbc.com/newsroom/pictures/NorthTowerSignage-sm.jpg

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

HTTP/1.1

Server

23.5.224.115 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-5-224-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

b3f632aab7a7740a95b212dbf3e3801c01b41f71d62f76c4cf80fe0e8f354bcb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:47 GMT
Last-Modified: Tue, 16 Nov 2004 20:22:04 GMT
ETag: "3e905e90a3300"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5257
Expires: Mon, 04 Apr 2022 01:24:31 GMT

GET
H/1.1 200
OK Beijing-branch-logo-sm.jpg
www.rbc.com/newsroom/pictures/ 5 KB
5 KB 95ms
75ms Image
image/jpeg 23.5.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.rbc.com/newsroom/pictures/Beijing-branch-logo-sm.jpg

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

HTTP/1.1

Server

23.5.224.115 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-5-224-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

5927f65b466761929e193397ac84661cecec1346417b62505f7c2d77aed5749c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:47 GMT
Last-Modified: Fri, 24 Feb 2006 15:56:40 GMT
ETag: "40d8c681a9e00"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5113
Expires: Mon, 04 Apr 2022 01:24:31 GMT

GET
H/1.1

200
OK

header5.gif
www.ffiec.gov/img/
Redirect Chain

http://www.ffiec.gov/img/header5.gif
https://www.ffiec.gov/img/header5.gif

13 KB
14 KB

176ms
41ms

Image
image/gif

132.200.148.131
GOV-FRB-BOG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ffiec.gov/img/header5.gif

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

HTTP/1.1

Server

132.200.148.131 Washington, United States, ASN10754 (GOV-FRB-BOG, US),

Reverse DNS

www.ffiec.gov

Software

Resource Hash

c6ff3da4ce21fcb1ff3f3a5df6e6a205e7522ee75e75fcfe733b87cf1aa594ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:46 GMT
Last-Modified: Fri, 04 May 2007 19:13:49 GMT
ETag: "80543258808ec71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 13495

Redirect headers

Location: https://www.ffiec.gov/img/header5.gif
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET ir
www.assoc-amazon.com/e/ 0
0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 115 KB
40 KB 65ms
43ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

HTTP/1.1

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c6775476c584ada4e937b3c5f3ed31fbd81c9fc37753820c3b9371b65112397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 07 Apr 2022 14:19:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 17506032199842252588
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40025
X-XSS-Protection: 0
Expires: Thu, 07 Apr 2022 14:19:44 GMT

GET 728x090_ENG_aff.gif
www.forex-affiliate.net/files/ 0
0

GET
H/1.1 200
OK Logo_25blk.gif
www.google.com/logos/ 2 KB
2 KB 59ms
39ms Image
image/gif 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/logos/Logo_25blk.gif

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

HTTP/1.1

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de4170e433e97866dd2e0c8561c39f3cfedb1f4c09884cbe58babaa12cc84855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 12:00:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 1551
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Thu, 07 Apr 2022 14:19:44 GMT

GET
H2

404

currency-oanda-bg-113x60.gif
www1.oanda.com/site/logos/
Redirect Chain

http://www.oanda.com/site/logos/currency-oanda-bg-113x60.gif
https://www.oanda.com/site/logos/currency-oanda-bg-113x60.gif
https://www1.oanda.com/site/logos/currency-oanda-bg-113x60.gif

0
0

123ms
110ms

Image
text/html

104.17.30.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.oanda.com/site/logos/currency-oanda-bg-113x60.gif
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 104.17.30.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Thu, 07 Apr 2022 14:19:45 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58746
strict-transport-security: max-age=15780000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 64ac845c-996c-4368-9e32-d97829430fa4
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
content-type: text/html; charset=utf-8
location: https://www1.oanda.com/site/logos/currency-oanda-bg-113x60.gif
cache-control: max-age=60, s-maxage=86400
cf-ray: 6f8366662faf9e16-EWR

GET
H2

200

vcss-blue
jigsaw.w3.org/css-validator/images/
Redirect Chain

http://jigsaw.w3.org/css-validator/images/vcss-blue
https://jigsaw.w3.org/css-validator/images/vcss-blue

2 KB
2 KB

152ms
105ms

Image
image/gif

2606:4700::6812:1713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jigsaw.w3.org/css-validator/images/vcss-blue

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

Server

2606:4700::6812:1713 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

052a153ac653cee8e2b7015d982d42a8524f43ede8a2c7d8335d085ce73879f6

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="cN0QSpPIkuwpT6iP2YjEo1bEwGpH/yiUn6yhdy+HNto="; pin-sha256="WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4="; pin-sha256="LrKdTxZLRTvyHM4/atX2nquX9BeHRZMCxg3cf4rhc2I="; max-age=864000
Strict-Transport-Security	max-age=15552015; includeSubDomains; preload
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552015; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1759
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="cN0QSpPIkuwpT6iP2YjEo1bEwGpH/yiUn6yhdy+HNto="; pin-sha256="WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4="; pin-sha256="LrKdTxZLRTvyHM4/atX2nquX9BeHRZMCxg3cf4rhc2I="; max-age=864000
last-modified: Tue, 27 Oct 2015 07:18:36 GMT
x-request-id: 6f836665da398c1d
x-frame-options: deny
etag: "1clnvmt:1a2k1jdo8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/gif
content-location: https://jigsaw.w3.org/css-validator/images/vcss-blue.gif
cache-control: max-age=518400
accept-ranges: bytes
cf-ray: 6f836665da398c1d-EWR
expires: Thu, 07 Apr 2022 19:58:36 GMT

Redirect headers

Date: Thu, 07 Apr 2022 14:19:44 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://jigsaw.w3.org/css-validator/images/vcss-blue
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6f836665493d8c77-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Thu, 07 Apr 2022 15:19:44 GMT

GET
H2

200

/
www.bankofthewest.com/
Redirect Chain

http://www.bancwestcorp.com/Common/Images/bear_in_palms.jpg
https://www.bankofthewest.com/bancwestcorp.htm
https://www.bankofthewest.com/

0
0

387ms
387ms

Image
text/html

23.217.42.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankofthewest.com/
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 23.217.42.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-42-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

x-edgeconnect-origin-mex-latency: 236
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 20
date: Thu, 07 Apr 2022 14:19:45 GMT
location: /
cache-control: private
x-server: BOTW-PROD-CD2
server-timing: dtSInfo;desc="0", dtRpid;desc="-1837170106"
content-length: 0
expires: -1

GET
H/1.1

404
Not Found

about_header.jpg
www.comerica.com/Comerica_Content/About_Comerica/
Redirect Chain

http://www.comerica.com/Comerica_Content/About_Comerica/about_header.jpg
https://www.comerica.com/Comerica_Content/About_Comerica/about_header.jpg

0
0

212ms
120ms

Image
text/html

184.85.197.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.comerica.com/Comerica_Content/About_Comerica/about_header.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 184.85.197.233 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-197-233.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://www.comerica.com/Comerica_Content/About_Comerica/about_header.jpg
Date: Thu, 07 Apr 2022 14:19:45 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden TopSpanish.jpg
www.bbvabancomerusa.com/images/ 0
0 5454ms
5096ms Image
text/html 91.195.240.116
SEDO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bbvabancomerusa.com/images/TopSpanish.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: HTTP/1.1
Server: 91.195.240.116 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2

404

div1.jpg
www.mynycb.com/images/
Redirect Chain

http://www.mynycb.com/images/div1.jpg
https://www.mynycb.com/images/div1.jpg

0
0

48ms
48ms

Image
text/html

208.71.55.51
NYCB-NEW-YORK-COM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mynycb.com/images/div1.jpg
Requested by: Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm
Protocol: H2
Server: 208.71.55.51 , United States, ASN30572 (NYCB-NEW-YORK-COMMUNITY-BANCORP-INC, US),
Reverse DNS: queenscountysavingsbank.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Content-Security-Policy: default-src 'none'; connect-src 'self' https://apps.mynycb.com https://www.googletagmanager.com http://www.googleadservices.com http://www.google-analytics.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com; font-src 'self' https://apps.mynycb.com https://fonts.googleapis.com https://fonts.gstatic.com; media-src 'self' https://www.onlinebanktours.com; object-src 'self'; form-action 'self' https://onlinebanking.mynycb.com https://nycb.olbanking.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apps.mynycb.com https://www.googletagmanager.com https://maps.googleapis.com https://polyfill.io http://www.googleadservices.com http://www.google-analytics.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com; style-src 'self' 'unsafe-inline' https://apps.mynycb.com https://www.googletagmanager.com http://www.googleadservices.com http://www.google-analytics.com https://fonts.googleapis.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com; frame-src http://www.onlinebanktours.com; frame-ancestors 'self' https://www.googletagmanager.com http://www.googleadservices.com http://www.google-analytics.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com https://cdn.oectours.com; img-src 'self' data: https://apps.mynycb.com https://www.googletagmanager.com http://www.googletagmanager.com/ http://www.googleadservices.com http://www.google-analytics.com https://developers.google.com https://maps.googleapis.com https://maps.gstatic.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com https://cdn.oectours.com; child-src 'self' https://www.googletagmanager.com http://www.googleadservices.com http://www.google-analytics.com http://sdc.ohiosavings.com http://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://www.onlinebanktours.com https://cdn.oectours.com;
Referrer-Policy: same-origin
Date: Thu, 07 Apr 2022 14:19:46 GMT
X-Frame-Options: DENY
Content-Type: text/html; charset=UTF-8
Location: https://www.mynycb.com/images/div1.jpg
X-Xss-Protection: 1
Content-Length: 161
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=edge

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/ 302 KB
108 KB 97ms
48ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_fy2019.js?bust=31066933

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

720a9bd18aaef18b65b29e48014f83dec6f0dcaa9f1a651f1c70c20eb6796d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110219
x-xss-protection: 0
server: cafe
etag: 13746385889833051665
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 14:19:47 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

71ms
22ms

Script
text/javascript

2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3029
date: Thu, 07 Apr 2022 13:29:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 07 Apr 2022 15:29:15 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=291832453&utmhn=waoline.us&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Larg...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=291832453&utmhn=waoline.us&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Lar...

35 B
197 B

35ms
34ms

Image
image/gif

2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=291832453&utmhn=waoline.us&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Largest%20US%20and%20International%20Bank%20companies&utmhid=2066265707&utmr=-&utmp=%2FEconomy%2FBank%2FBnkUS1.htm&utmht=1649341184866&utmac=UA-2145426-1&utmcc=__utma%3D44753570.1173055836.1649341185.1649341185.1649341185.1%3B%2B__utmz%3D44753570.1649341185.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=685470769&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=291832453&utmhn=waoline.us&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Largest%20US%20and%20International%20Bank%20companies&utmhid=2066265707&utmr=-&utmp=%2FEconomy%2FBank%2FBnkUS1.htm&utmht=1649341184866&utmac=UA-2145426-1&utmcc=__utma%3D44753570.1173055836.1649341185.1649341185.1649341185.1%3B%2B__utmz%3D44753570.1649341185.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=685470769&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 85ms
34ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=waoline.us&callback=_gfp_s_&client=ca-pub-7559095502172008

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_fy2019.js?bust=31066933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

fa57a476882d9a92baeb79b2d1bb5a771ca1920a78be29809cbc70ff5a433e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 88ms
39ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=waoline.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_fy2019.js?bust=31066933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://waoline.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 14:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0948 90 KB
32 KB 509ms
458ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4168648008&adf=1522379081&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184737&bpp=16&bdt=209&idt=2820&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&correlator=2665287346331&frm=20&pv=2&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CanoeEr%7C&abl=NA&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ICxIqhaWMm&p=http%3A//waoline.us&dtd=2843

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_fy2019.js?bust=31066933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fad2160094de9288057aebb8d069311756de27e608802ece230371e488d28f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://waoline.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32447
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFF4 69 KB
28 KB 699ms
660ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013200084&adf=1877341230&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184757&bpp=5&bdt=229&idt=2831&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZQpq7Prcd&p=http%3A//waoline.us&dtd=2835

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_fy2019.js?bust=31066933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d19fbec9c93abfe232eec9bf10199d041db83d765d88dbd372caff18d54e1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://waoline.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28486
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4253 72 KB
21 KB 698ms
667ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013490576&adf=1809502869&w=728&format=728x90_as&color_bg=2B54AA&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184770&bpp=4&bdt=242&idt=2825&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=PdnQgqJO76&p=http%3A//waoline.us&dtd=2829

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_fy2019.js?bust=31066933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991f4e564475c5356a34da4389ba577b25b7c7de691e1ec36796f28444c7ba74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://waoline.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21558
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A695 107 KB
40 KB 702ms
676ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3124350753&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184869&bpp=6&bdt=341&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1018&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fMIGRdM1E1&p=http%3A//waoline.us&dtd=2736

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_fy2019.js?bust=31066933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58efee4f7a8797113cbbeda9c81e5b5fc8143fbceec9bef48e63d8b75f9c1636

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN-q69ySgvcCFcTSKAUd47ICdw&gqi=A_NOYp_wJ4GOoPMP84GGiAY&layout=/sadbundle/%24csp%253Der3%24/16725250256943021739/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://waoline.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39934
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN-q69ySgvcCFcTSKAUd47ICdw&gqi=A_NOYp_wJ4GOoPMP84GGiAY&layout=/sadbundle/%24csp%253Der3%24/16725250256943021739/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 36A6 69 KB
28 KB 731ms
711ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_fy2019.js?bust=31066933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d385583a89ce2aad66a67ba763d09815f432ea88637b339a3d567e53a3b85216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://waoline.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28516
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0948 8 KB
1 KB 86ms
37ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4168648008&adf=1522379081&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184737&bpp=16&bdt=209&idt=2820&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&correlator=2665287346331&frm=20&pv=2&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CanoeEr%7C&abl=NA&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ICxIqhaWMm&p=http%3A//waoline.us&dtd=2843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 12:36:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 14:19:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 0948 2 KB
984 B 87ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:09:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0948 0
0 76ms
48ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGYJOA_NOYufYKMm1MJy_pfAMnqDmvWns7Iem7A7Dl4Daiw4QASDY2ZMCYMnujovApIwQoAGDxrfiA8gBCagDAcgDywSqBNQBT9D5NOO6tQNksEJXUNVjSxsDY3FDAkZil13uDV1av4ULOPpwTKGHxI57tp6nuk2hZe2iNiuJ_aMP80oaLfmUJ-GFxR1sJmuRGV7fDKtizkcd5rE98bfkKtZhJ3VcrNU4pdUabGMJqdcI6PMGL0p34-nQYh5krzGptd885JrmmPndoYP6ct_wsSQyj1HkSDMcut-s4oaxbw-N4cKJv6RnKKQvP4UGOYEXTgRUeAMbLhcfoER5Pn91GuBIciIi5juDW77JiLkRt-Nr8B4FvLfDzr12SjnABMXGz_XpA5IFBAgEGAGSBQQIBRgEoAYugAflucgdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQksiRA9IIBwiAYRABGB-ACgHICwG4E4gn2BMKiBQB0BUBmBYBgBcBshccChoIABIUcHViLTc1NTkwOTU1MDIxNzIwMDgYAA&sigh=_Bw8HLBYVpw&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4168648008&adf=1522379081&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184737&bpp=16&bdt=209&idt=2820&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&correlator=2665287346331&frm=20&pv=2&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CanoeEr%7C&abl=NA&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ICxIqhaWMm&p=http%3A//waoline.us&dtd=2843
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame 0948 19 KB
8 KB 79ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:19:32 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 0948 3 KB
1 KB 85ms
27ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:17:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0948 119 KB
37 KB 126ms
76ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 0948 15 KB
6 KB 81ms
23ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:16:26 GMT

GET
H2 200 63f6484ee989c3eda25e621c99817b87.js Show response
www.gstatic.com/mysidia/ Frame 0948 29 KB
12 KB 69ms
19ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 01:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 08:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 01:04:51 GMT

GET
H3 200 14832873754089648323
tpc.googlesyndication.com/simgad/ Frame AFF4 49 KB
49 KB 66ms
33ms Image
image/gif 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14832873754089648323

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013200084&adf=1877341230&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184757&bpp=5&bdt=229&idt=2831&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZQpq7Prcd&p=http%3A//waoline.us&dtd=2835

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c394f8cfc167275501a6843d45f6eca414b946ba4e8a06e3de91c233729bc4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 23:49:29 GMT
x-content-type-options: nosniff
age: 484219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50400
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 22:56:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Apr 2023 23:49:29 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame AFF4 19 KB
8 KB 51ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:19:32 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame AFF4 3 KB
1 KB 37ms
36ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:17:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFF4 119 KB
36 KB 109ms
82ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame AFF4 15 KB
6 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:16:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame AFF4 29 KB
12 KB 39ms
38ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be0d03bd855e0785df2bd26a69d417378323cc995451fad98ec51c07b502c501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
server: cafe
etag: 15931380066641067587
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 15:56:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4253 8 KB
892 B 66ms
36ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013490576&adf=1809502869&w=728&format=728x90_as&color_bg=2B54AA&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184770&bpp=4&bdt=242&idt=2825&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=PdnQgqJO76&p=http%3A//waoline.us&dtd=2829

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 12:38:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 14:19:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 4253 2 KB
904 B 34ms
31ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:09:23 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame 4253 19 KB
8 KB 24ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:19:32 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 4253 3 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:17:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4253 119 KB
36 KB 80ms
50ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 4253 15 KB
6 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:16:26 GMT

GET
H3 200 63f6484ee989c3eda25e621c99817b87.js Show response
www.gstatic.com/mysidia/ Frame 4253 29 KB
12 KB 48ms
20ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 01:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 08:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 01:04:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFF4 0
0 49ms
48ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf-khA_NOYsH3KKSaqMwPlr-OgA2YzevCaeHh-c3tD56D5oPiLxABINjZkwJgye6Oi8CkjBCgAczxksYDyAEDqAMByAPJBKoE2AFP0BsRooN7OVVU_nRbQp6R7DaErNKb0to6wfoRpBEw-TA6Acf5pEnLMRKO7AqUfBpmdVIHfhz4ljGSxZvFJO9P8MDgR1i-fWHz5L2rKbrMefpQtY5ed7TYFy2y-HNDYTqNF5AUV_BcNwc8zDC1RuDEoHCdaE3at9WmpbLi-6rcI9R672bcjI_EHwN-b5Cp0tavKRoDkrhTltlPK-Ov7vEH1uN4OOKqjplk0OiTZ93VdZi1jfFslWYEjs8nxZbsDW4S9GZKUo8GLVKAQ1C7V8vgKX6mniKq-3nABNXrjMnzA5IFBAgEGAGSBQQIBRgEoAYDgAecju05qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQzKOJAtIIBwiAYRABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzU1OTA5NTUwMjE3MjAwOBgA&sigh=-V_o823G2bM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013200084&adf=1877341230&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184757&bpp=5&bdt=229&idt=2831&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZQpq7Prcd&p=http%3A//waoline.us&dtd=2835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4253 0
0 51ms
48ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjjujA_NOYt-fKZzfo9kPqdek-ArprMHAaa60yengD7bCvt6FAhABINjZkwJgye6Oi8CkjBCgAYffnYADyAEBqAMBqgTbAU_QXJMKsgjIClo099Lba5nm215RHxzQguuBgsAruH-AO633EQD7JLzS-gbzOJNfcyZjjoTeflgWuNi4IwfF2yI385Wo7c7z4FNmpgNDA_yFUur73JWdekwPdlfOVBkUszetSMZIAB43HcSVdis3hrkppSwrkoMqdH0NQL2hcl-G9g_fB7zHeVQIkClmUA27a2SKuOvl3Zm_MkteepuZ_Ykzi2O4aZVr6njY70vZahSoIMF9__GZN8mguLOSDhZjlyyCqXl4zLl0vt4YD0Wqi_87XuFKcy6rFW-YVcAE7ru16e0DkgUECAQYAZIFBAgFGASAB-Gg4n-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDSwsUB0ggHCIBhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NTU5MDk1NTAyMTcyMDA4GAA&sigh=r6pp1Xi45oo&uach_m=[UACH]&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013490576&adf=1809502869&w=728&format=728x90_as&color_bg=2B54AA&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184770&bpp=4&bdt=242&idt=2825&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=PdnQgqJO76&p=http%3A//waoline.us&dtd=2829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15289634550268635225/ Frame 4253 5 KB
5 KB 21ms
21ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15289634550268635225/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6ed92d48cb5a92db1f937d1b0675bb21413b78cd379b33dc2bd55bc22a250ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:11:35 GMT
x-content-type-options: nosniff
age: 191293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5117
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:59:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Apr 2023 09:11:35 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BF5 35 KB
13 KB 47ms
20ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 01:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 01:23:02 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/ Frame 1BC2 69 KB
17 KB 22ms
22ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3124350753&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184869&bpp=6&bdt=341&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1018&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fMIGRdM1E1&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22096cc189bb3e2f291581261288773c1180be7e8d7f3f5f5a15c35eea360034

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 506581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 17670
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 17:36:47 GMT
expires: Sat, 01 Apr 2023 17:36:47 GMT
last-modified: Fri, 30 Jul 2021 20:35:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B27121055.326258717;dc_pre=CPrDn92SgvcCFU6iswodM2MLYw;dc_trk_aid=518448069;dc_trk_cid=165273846;ord=1873194620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N30602.134426GOOGLEDISPLAYNETW7/ Frame A695
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N30602.134426GOOGLEDISPLAYNETW7/B27121055.326258717;dc_trk_aid=518448069;dc_trk_cid=165273846;ord=1873194620;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N30602.134426GOOGLEDISPLAYNETW7/B27121055.326258717;dc_pre=CPrDn92SgvcCFU6iswodM2MLYw;dc_trk_aid=518448069;dc_trk_cid=165273846;ord=1873194620;dc_lat=;dc_rdi...

42 B
63 B

77ms
49ms

Fetch
image/gif

142.250.176.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N30602.134426GOOGLEDISPLAYNETW7/B27121055.326258717;dc_pre=CPrDn92SgvcCFU6iswodM2MLYw;dc_trk_aid=518448069;dc_trk_cid=165273846;ord=1873194620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.250.176.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N30602.134426GOOGLEDISPLAYNETW7/B27121055.326258717;dc_pre=CPrDn92SgvcCFU6iswodM2MLYw;dc_trk_aid=518448069;dc_trk_cid=165273846;ord=1873194620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A695 0
0 52ms
51ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGlodA_NOYp-dKcSlo9kP4-WKuAeSwNi0aceio4frD-Xl7MfGKBABINjZkwJgye6Oi8CkjBCgAfDDuc4DyAEJqAMByANIqgTUAU_QxndDlNCoV8eIpCoyQIaOzUAO5TleE3QpJKUuZAGtgGtQet7m2RmmVYh0UgH-qyP2Eow2HQXpomvDtybulDFuyS4Nobpy-S7oS-defrsoPT21jggspCFBFdZErj8fi7rJRUM_MKh3JaeonmR0hYH53eEgTnDXgoaNc_mB31fAarCO03NwTa-MaR9Qez76eR-FZUtbgQtIP0uFNwtmlQQtmY3t0JIkC4bLHiDnvs5QQdVHT-J_5AYaG6W5ukCA8n73L_mEGmLtDeJqcFvFelpC0DYGwATkycjm5gOSBQQIBBgBkgUECAUYBKAGLoAH-LvGMagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELT-RtIIBwiAYRABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzU1OTA5NTUwMjE3MjAwOBgA&sigh=bgbyePPjINE&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3124350753&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184869&bpp=6&bdt=341&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1018&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fMIGRdM1E1&p=http%3A//waoline.us&dtd=2736
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame A695 19 KB
8 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:19:32 GMT

GET
H3 200 4685069031238116858
tpc.googlesyndication.com/simgad/ Frame 36A6 68 KB
68 KB 23ms
22ms Image
image/gif 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4685069031238116858

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ef33c1dd3f3bd0537bf6a16bed65673e8ceac040e1ec30bddf89100e842f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 05:44:02 GMT
x-content-type-options: nosniff
age: 462946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69255
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 22:56:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Apr 2023 05:44:02 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame 36A6 19 KB
8 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:19:32 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 36A6 3 KB
1 KB 24ms
21ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:17:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36A6 119 KB
36 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 36A6 15 KB
6 KB 23ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:16:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 36A6 29 KB
12 KB 25ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be0d03bd855e0785df2bd26a69d417378323cc995451fad98ec51c07b502c501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
server: cafe
etag: 15931380066641067587
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 15:56:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 36A6 0
0 52ms
48ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYYnkA_NOYuaSKbLYo9kPmb-f6AOYzevCaa_yxInzD56D5oPiLxABINjZkwJgye6Oi8CkjBCgAczxksYDyAEDqAMByAPJBKoE0wFP0N1QhBGsXC5Y30X7zfhlwpWgC9hR_EsyM2X2yhVLcdL-hN-gErhqy6fNoQtqdDHh3anrSgJuNq3dvjLJTCFEmcID-FVtk3F7TsRiAkHEq5J1PpGOQjxI9Yf9Vt2ksYyQuvwM76ayg576upR8SkTeSA3h6e9p781AngA2NwzTguvyYsl5fhw8pJnd1FIJLzKzz2yG1WfDtm1t2LbA_75rdKXaRrvcATtuzVOkpYQv2PcheH638GGrW-gA-dfy5dTadoBnZaPVQaInKePs_sZ3z_hrwATV64zJ8wOSBQQIBBgBkgUECAUYBKAGA4AHnI7tOagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENioVdIIBwiAYRABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzU1OTA5NTUwMjE3MjAwOBgA&sigh=HLSTiLs144w&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 62B6 143 B
163 B 28ms
24ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013200084&adf=1877341230&w=728&format=728x90_as&color_bg=2854A8&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184757&bpp=5&bdt=229&idt=2831&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZQpq7Prcd&p=http%3A//waoline.us&dtd=2835
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 13:54:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1A9 143 B
163 B 23ms
23ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=90&adk=4013490576&adf=1809502869&w=728&format=728x90_as&color_bg=2B54AA&color_border=FFFF00&color_link=FFFFFF&color_text=FFFFFF&color_url=FFFFFF&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184770&bpp=4&bdt=242&idt=2825&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=142&ady=428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&loc=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=PdnQgqJO76&p=http%3A//waoline.us&dtd=2829
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 13:54:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4253 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b5b65da8a653a70b814a1a6eb926267f572d57b28e90cc312e20c56c322b54

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 1BC2 27 KB
2 KB 39ms
38ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5851b109298f4b6be39add3138d3dfc5c6ba318ad6b2e03ff9fdfc24fd4463a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 14:19:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 14:19:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1BC2 16 KB
6 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 06:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Apr 2022 06:12:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1BC2 26 KB
10 KB 24ms
23ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 13:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Apr 2022 13:05:56 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 4253 28 KB
28 KB 69ms
21ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:44:53 GMT
x-content-type-options: nosniff
age: 142495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:44:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 39D7 143 B
163 B 21ms
20ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3124350753&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184869&bpp=6&bdt=341&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1018&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fMIGRdM1E1&p=http%3A//waoline.us&dtd=2736
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 13:54:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame A695 3 KB
1 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:17:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame A695 15 KB
6 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 14:16:26 GMT

GET
DATA 200
OK truncated
/ Frame AFF4 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5c975a3415201335a62d386d46fa4b393cd6e8c455e0fe5cab2ec7752f39adb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E00 143 B
163 B 21ms
20ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 13:54:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 36A6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84fe151af7e4daff54ac9e7c158bdffedad8aab716ec4cb272e57770f95a5700

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 62B6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
45ms

Document
text/html

2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 14:19:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1A9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 14:19:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 4125 35 KB
13 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 01:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 01:23:02 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ Frame 1BC2 8 KB
8 KB 51ms
22ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:32:07 GMT
x-content-type-options: nosniff
age: 67661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 19:32:07 GMT

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ Frame 1BC2 8 KB
8 KB 54ms
26ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:29:57 GMT
x-content-type-options: nosniff
age: 67791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 19:29:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A695 119 KB
36 KB 42ms
42ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 14:19:48 GMT

GET
DATA 200
OK truncated
/ Frame A695 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f70187b15f1ba5c6251c892f85a4465d22fcab8eba9713c5e80db33731e0aa86

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 39D7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
57ms

Document
text/html

2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 14:19:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E00
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
57ms

Document
text/html

2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 14:19:48 GMT
expires: Thu, 07 Apr 2022 14:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 14:19:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 2270 35 KB
13 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559095502172008&output=html&h=600&slotname=4258269011&adk=1927939857&adf=3915992098&pi=t.ma~as.4258269011&w=160&lmt=1430950320&url=http%3A%2F%2Fwaoline.us%2FEconomy%2FBank%2FBnkUS1.htm&wgl=1&dt=1649341184875&bpp=3&bdt=347&idt=2733&shv=r20220405&mjsv=m202204040101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90_as%2C728x90_as%2C728x90_as&prev_slotnames=4258269011&correlator=2665287346331&frm=20&pv=1&ga_vid=1173055836.1649341185&ga_sid=1649341185&ga_hid=2066265707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1184&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C31066933&oid=2&pvsid=3085346754457060&pem=978&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cae%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=TbRqGVSwl8&p=http%3A//waoline.us&dtd=2736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 01:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 01:23:02 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BC2 35 KB
13 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 01:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 01:23:02 GMT

GET
H3 200 hand.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/ Frame 1BC2 13 KB
13 KB 25ms
24ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/hand.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7890a2cb51da66f3a709633111b9031710d2270953ebf88a18bae68384c8cdf0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13735
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 20:35:07 GMT
server: sffe
date: Wed, 06 Apr 2022 05:10:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 05:10:05 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/ Frame 1BC2 34 KB
34 KB 23ms
23ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d29936c2c155dc198c72fca5e578a65e41915b96115f2b8b1fba32425131e93

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 122853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34897
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 20:35:07 GMT
server: sffe
date: Wed, 06 Apr 2022 04:12:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 04:12:15 GMT

GET
H3 200 CONSOLIDATEDCREDIT-NEW-LOGO-color.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/ Frame 1BC2 9 KB
9 KB 27ms
27ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/CONSOLIDATEDCREDIT-NEW-LOGO-color.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb185a59b7f5e05563af268aebc4193675217bd20fc4c8b5fe178ef0e31e836

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 20:35:07 GMT
server: sffe
date: Wed, 06 Apr 2022 05:10:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 05:10:06 GMT

GET
H3 200 res-160x600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/ Frame 1BC2 23 KB
23 KB 26ms
25ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/res-160x600.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa7e810c4c7cf4d408bb8e32e3f1176f437aa85bb55b3df298625584507253d1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23920
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 20:35:07 GMT
server: sffe
date: Wed, 06 Apr 2022 05:10:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 05:10:06 GMT

GET
DATA 200
OK truncated
/ Frame 1BC2 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 hand.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/ Frame 1BC2 13 KB
13 KB 21ms
21ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16725250256943021739/hand.png

Requested by

Host: waoline.us
URL: http://waoline.us/Economy/Bank/BnkUS1.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7890a2cb51da66f3a709633111b9031710d2270953ebf88a18bae68384c8cdf0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13735
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 20:35:07 GMT
server: sffe
date: Wed, 06 Apr 2022 05:10:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 05:10:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFF4 42 B
64 B 69ms
40ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqf9mgiw15UQccrjMpNzKAFLxC45t79sa-QRgqDpvISmdL9sHmGHevmYu8I6AJkkCrH6FJYQl-G9hZDpTSGHIR3ZPhH2dAtt01puLN6S2QU1vUI48&sai=AMfl-YQC3iKqEwsFsAc2FtqAXGhrvEybmmOBztZImZPHz7w5fDZFUC4TyR2R65Mrl7rv7eby3ctoR165R7b8&sig=Cg0ArKJSzJdRyKKrRygnEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=4013200084&rs=2&la=0&cr=0&vs=4&r=v&rst=1649341187594&rpt=925&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 36A6 42 B
64 B 40ms
40ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3Zh08Zd0UdrdVxfh5Ncj49dz_BFFH67mmiFwQ9d-ZybC68t8vKJURYZ8J311_Oo89Wl3W3-GqrXgYJ3Qo3JQHURQyB-yddOgnl1OgQl20OwZ6Hk0&sai=AMfl-YRfH4WJDY2ewWzHB4glHR1A2sVgCkMEARNPi25RwrgE4l-3DCFE7rFTVAgEM4CPtN0Ez2rnOmnx6fsN&sig=Cg0ArKJSzKraC_sXQPPqEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1927939857&rs=2&la=0&cr=0&vs=4&r=v&rst=1649341187612&rpt=1068&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4253 42 B
64 B 41ms
40ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswFIduK3qVpPHBMG4JpIKTUfGS51u7Hu0tMK25yaY9cIk3k6g5rQLLsx5nPlAdQnUbpTHA-DxudZonZxUvdxEPaWoHHVOtkl66lMFnTLsO6M7xbCw&sai=AMfl-YSvzA_2Sv9szLuPl1lrazinu-Yb8pWkwiXhlzKBHuN6JSS2m82Qj4hOtnfxpPE5tWXfbrJu_54Y5_-r&sig=Cg0ArKJSzIBK5KhzxI-vEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4013490576&rs=2&la=0&cr=0&vs=4&r=v&rst=1649341187601&rpt=1125&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A695 42 B
64 B 40ms
40ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp5jiYBV61eG7jE6C1XwWyJOHK61KwIIZOwiaEded5Lstyo0H37IDEEYPi_dO7MUZ_wzRxdEFSYsQ19zx9fyNjIkMDmth3rCotTvShoOJQowK_B9g&sai=AMfl-YSMPQaGLOGRkt6X_hxG5lY-y3c-i2Ur-OzX-eX6t0SodH9u8WUoeZd7SHndlqamBE-v_xHZvph054Hx&sig=Cg0ArKJSzLIbYZhG7i9REAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1927939857&rs=2&la=0&cr=0&vs=4&r=v&rst=1649341187607&rpt=1327&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 14:19:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.regions.com
URL: http://images.regions.com/virtualMedia/img1.jpg

Domain: www.tdbank.com
URL: https://www.tdbank.com/

Domain: www.micorp.com
URL: http://www.micorp.com/mibanknew/images/MIlogo1.gif

Domain: www.micorp.com
URL: http://www.micorp.com/mibank/images/pic_micorpbanner.jpg

Domain: www.synovus.com
URL: https://www.synovus.com/includes/images/logo.gif

Domain: www.assoc-amazon.com
URL: http://www.assoc-amazon.com/e/ir?t=waoline-20&l=ur2&o=1

Domain: www.forex-affiliate.net
URL: http://www.forex-affiliate.net/files/728x090_ENG_aff.gif

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.waoline.us/	1970-01-20 19:40:13	Name: __utma Value: 44753570.1173055836.1649341185.1649341185.1649341185.1
.waoline.us/	1969-12-31 23:59:59	Name: __utmc Value: 44753570
.waoline.us/	1970-01-20 06:31:49	Name: __utmz Value: 44753570.1649341185.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.waoline.us/	1970-01-20 02:09:01	Name: __utmt Value: 1
.waoline.us/	1970-01-20 02:09:02	Name: __utmb Value: 44753570.1.10.1649341185
www.truist.com/	1970-01-20 02:19:05	Name: AWSALBCORS Value: HAwcHTfD02j+A14IfejrnubUunv6E/oyq2r+loDrj1m1Va4yoPHg6u/lv7tU0Dlu3IqT2UPPHuoN3BhEMZryMCuuZoQ6x/usunUabRhRT/EVMYNFPpj9SkCh89qh
www.53.com/	1970-01-20 02:09:02	Name: AWSELBCORS Value: B503ED2F1EF9700649607026C911227B888706CD196272746263C81503A2C5E0BBACC163E1108C2659BC8362CBDCFA565726522413B95728EB3D3DE59F5523CCDEE54936BD
.www.53.com/	1969-12-31 23:59:59	Name: akaalb_ALB_www_53_com Value: ~op=LBM_www_53_com:Adobe\|~rv=33~m=Adobe:0\|~os=660684d2f9244e64940948b40aec0281~id=f5751683962cccdc29116b73bea500ba
.oanda.com/	1970-01-20 02:09:02	Name: __cf_bm Value: L9msFlvQm3_jq8FABPnez2mqYaiAwFuxBn.y7IA7Dz8-1649341185-0-AWK92vc+Xz2OnJWf3irxCx+e5kaF8zAyOYim8RYd/bxCaEDlsW+2PQpaoI6pTboqy5xJODEs7sQHC8z5nuKIaGZmYZhd+5RpJKDL7dxwC9r1
.oanda.com/	1969-12-31 23:59:59	Name: __cfruid Value: bd0ba577260a79c9a32abb03abe47c7845660569-1649341185
.bankofthewest.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_7_sn_77A3F28A10A3D6159CF21459EF462B01_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0
.synovus.com/	1970-01-20 02:09:08	Name: ak_bmsc Value: DAA769A73207F4A514A6ABF8DB592DEE~000000000000000000000000000000~YAAQR4PXFw0UnwOAAQAAPERlBA+XaU3nDs48wwhj3DfCga2VWqvhONAVHrjIv2Y1STToMGogYk5S/3HBjtkblmXxXYBOP30qb2cE1FPQw/hfrgfYp7NNw4zdaPK/SAbJ6ySMF0+OqpvNZbn8RFfP4mmr2FVa2VRoBgf9l+Th1dlIOwwj2Ov4hD88F0h+UaUlVo7lNUYByXrs61jkHk3MZSKJknXbRarxvg5lPEGZChJZHZVnu29HyRKbq0j3f4aJDWo3SPHaVRtmisKxF+c6vW/RXf633YwYvNzpIOdUyTcrY2VWtPrCdBiHzD9gU+xW2HtI5lynBin1pcZZb6uvI7NSEiANSc0Fuciel4ItRT8e4UA4d+1vdR+zAnMZzPco
.waoline.us/	1970-01-20 11:30:37	Name: __gads Value: ID=636fdc2ab5788a33-22188d4221d200b2:T=1649341187:RT=1649341187:S=ALNI_MbAIMwHOFylq_3nOfdVFNvL5rExbg
.doubleclick.net/	1970-01-20 19:40:13	Name: IDE Value: AHWqTUkD_L94TtOKhMxKm-0Xxzz42xhxeeQQCR1FB3D5qoOnz3LdJ5uULxBQMm10Vg4
.doubleclick.net/	1970-01-20 02:09:04	Name: DSID Value: NO_DATA

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://waoline.us/Economy/Bank/BnkUS1.htm(Line 1354) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://waoline.us/Economy/Bank/BnkUS1.htm(Line 1354) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.53.com/images/common/hp_top_logo_01.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.td.com/images/n1_TDBFGLogo.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www1.oanda.com/site/logos/currency-oanda-bg-113x60.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.comerica.com/Comerica_Content/About_Comerica/about_header.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.comerica.com/vgn-ext-templating/com_pub/images/global/header_logo.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.unionbank.com/Images/13107art_business_wlkng_tcm9-333.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.unionbank.com/Images/home_ub_logo_tcm9-2640.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.unionbank.com/Images/segment_about_q4-08_tcm9-17039.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.unionbank.com/Images/12973art_man_woman_tcm9-290.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.mynycb.com/images/logo1.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.popular.com/pr/shared/bpprlogo.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.synovus.com/master/images/page_pics/680/ir1.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.popular.com/pr/corp/img/header/pr-cor-home-header.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.mynycb.com/images/div1.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://www.bbvabancomerusa.com/images/TopSpanish.jpg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.tdbank.com/ Message: Failed to load resource: net::ERR_TIMED_OUT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
bbt.mediaroom.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.regions.com
jigsaw.w3.org
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
waoline.us
www.53.com
www.assoc-amazon.com
www.bancwestcorp.com
www.bankofthewest.com
www.bbt.com
www.bbvabancomerusa.com
www.bmoharris.com
www.comerica.com
www.ffiec.gov
www.forex-affiliate.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.huntington.com
www.key.com
www.mandtbank.com
www.micorp.com
www.mtb.com
www.mynycb.com
www.northerntrust.com
www.oanda.com
www.popular.com
www.rbc.com
www.rbcbank.com
www.rbcbankusa.com
www.synovus.com
www.td.com
www.tdbank.com
www.truist.com
www.uboc.com
www.unionbank.com
www1.oanda.com
www3.mtb.com
www4.harrisbank.com
images.regions.com
www.assoc-amazon.com
www.forex-affiliate.net
www.micorp.com
www.synovus.com
www.tdbank.com
104.106.249.128
104.17.30.191
12.19.225.25
132.200.148.131
142.250.176.198
142.250.80.98
184.50.213.229
184.51.149.80
184.85.197.233
192.229.162.193
204.44.11.44
204.74.99.100
204.74.99.103
208.71.55.51
216.52.215.25
23.217.42.219
23.3.117.25
23.3.125.17
23.3.126.173
23.5.224.115
23.78.161.229
2600:9000:21da:c000:e:eafc:c400:93a1
2600:9000:21ea:4a00:b:2146:1340:93a1
2606:4700::6811:1faa
2606:4700::6812:1713
2606:4700::6812:3c1
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2002
64.178.214.50
66.96.130.45
91.195.240.116
052a153ac653cee8e2b7015d982d42a8524f43ede8a2c7d8335d085ce73879f6
0e4b14ce24fe23e980beedc93ae760842b7626f57a481f0dc1c4ff9683b53ea9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d19fbec9c93abfe232eec9bf10199d041db83d765d88dbd372caff18d54e1b4
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
22096cc189bb3e2f291581261288773c1180be7e8d7f3f5f5a15c35eea360034
278ea2ae13fb742cc6b52c093e4bc2602dabdee666c5985c331c6fe213c04da8
2c6775476c584ada4e937b3c5f3ed31fbd81c9fc37753820c3b9371b65112397
3e257c8353bd751b10739f1191cec7de437b102131f274e0bab4b32c12ae943b
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4c7ba5fc406b31aa3740de75b3e7ba948d7ae7520bdf0ae3a465af8f20c572f0
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
57a7c3df81d910dd83492dbf82f30babfe2f5f96f1ddaba824e318fd837f8694
58efee4f7a8797113cbbeda9c81e5b5fc8143fbceec9bef48e63d8b75f9c1636
5927f65b466761929e193397ac84661cecec1346417b62505f7c2d77aed5749c
5d29936c2c155dc198c72fca5e578a65e41915b96115f2b8b1fba32425131e93
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
63b5b65da8a653a70b814a1a6eb926267f572d57b28e90cc312e20c56c322b54
720a9bd18aaef18b65b29e48014f83dec6f0dcaa9f1a651f1c70c20eb6796d59
72d59eb6b58d4f8d1edede254f755e7e124548bfc46468beb94293fc8e2688c9
76eb1c65f1036afefce4409720aa2b808d7c827daaf5163e2c3d5f672503253c
7890a2cb51da66f3a709633111b9031710d2270953ebf88a18bae68384c8cdf0
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
7b983d3d871dec3cc18bf099fad8fddf3eacd6fd4d6ff8afad37871a5460340e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fe151af7e4daff54ac9e7c158bdffedad8aab716ec4cb272e57770f95a5700
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95d1eb8be6ebc3babe7a29a00c91370742376b492aac1fbbaa931b63d67cea3f
991f4e564475c5356a34da4389ba577b25b7c7de691e1ec36796f28444c7ba74
9afe5007ab31a0edb7567beb8d45c198c678d364973cb7bbb62eb12700519401
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5851b109298f4b6be39add3138d3dfc5c6ba318ad6b2e03ff9fdfc24fd4463a
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a7ef33c1dd3f3bd0537bf6a16bed65673e8ceac040e1ec30bddf89100e842f21
ac0aa452f0efdb23b78bbcc0fec92f50c545dff974a0ff911c89852140867fd9
aca8c318ef8cc6255e80abd0bbb22441dc5550ba3f49f9820a567b3519bae764
b3f632aab7a7740a95b212dbf3e3801c01b41f71d62f76c4cf80fe0e8f354bcb
be0d03bd855e0785df2bd26a69d417378323cc995451fad98ec51c07b502c501
c394f8cfc167275501a6843d45f6eca414b946ba4e8a06e3de91c233729bc4f6
c6ff3da4ce21fcb1ff3f3a5df6e6a205e7522ee75e75fcfe733b87cf1aa594ae
d385583a89ce2aad66a67ba763d09815f432ea88637b339a3d567e53a3b85216
d5c975a3415201335a62d386d46fa4b393cd6e8c455e0fe5cab2ec7752f39adb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de4170e433e97866dd2e0c8561c39f3cfedb1f4c09884cbe58babaa12cc84855
deb185a59b7f5e05563af268aebc4193675217bd20fc4c8b5fe178ef0e31e836
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb3a64a222f0b499d7b8190361eb1e3bd2f6679b5a5cc73eb2997ffbc25d32
e6ed92d48cb5a92db1f937d1b0675bb21413b78cd379b33dc2bd55bc22a250ed
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f70187b15f1ba5c6251c892f85a4465d22fcab8eba9713c5e80db33731e0aa86
fa57a476882d9a92baeb79b2d1bb5a771ca1920a78be29809cbc70ff5a433e3b
fa7e810c4c7cf4d408bb8e32e3f1176f437aa85bb55b3df298625584507253d1
fad2160094de9288057aebb8d069311756de27e608802ece230371e488d28f22
fb51b0ccfaac28343968c94b4f4f4975a5083a901233d14631e85c0fb58e4294

waoline.us Open in urlscan Pro 66.96.130.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

126 Requests

57 %HTTPS

37 %IPv6

41 Domains

47 Subdomains

33 IPs

4 Countries

1187 kBTransfer

2527 kBSize

15 Cookies

53 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

waoline.us Open in urlscan Pro
66.96.130.45 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

57 %
HTTPS

37 %
IPv6

41
Domains

47
Subdomains

33
IPs

4
Countries

1187 kB
Transfer

2527 kB
Size

15
Cookies

126 HTTP transactions
5 data transactions