public.websteronline.com Open in urlscan Pro
3.218.70.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.websterbank.com/
Effective URL:
https://public.websteronline.com/
Submission: On October 02 via api (October 2nd 2022, 10:47:06 am UTC) from US — Scanned from DE

Summary HTTP 151 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 66 IPs in 10 countries across 65 domains to perform 151 HTTP transactions. The main IP is 3.218.70.254, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is public.websteronline.com. The Cisco Umbrella rank of the primary domain is 364317.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 3rd 2022. Valid for: a year.

This is the only time public.websteronline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	12.227.185.50 12.227.185.50	20072 (WEBSTER-BANK) (WEBSTER-BANK)
1 3	12.227.185.68 12.227.185.68	20072 (WEBSTER-BANK) (WEBSTER-BANK)
1 28	3.218.70.254 3.218.70.254	14618 (AMAZON-AES) (AMAZON-AES)
2	12.227.185.69 12.227.185.69	20072 (WEBSTER-BANK) (WEBSTER-BANK)
1	13.108.248.6 13.108.248.6	14340 (SALESFORCE) (SALESFORCE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:11a... 2a02:26f0:11a::6867:4841	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4848	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	92.123.36.220 92.123.36.220	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	104.103.105.16 104.103.105.16	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
11	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.251.39.70 142.251.39.70	15169 (GOOGLE) (GOOGLE)
2	104.18.4.236 104.18.4.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
1	3.86.136.12 3.86.136.12	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2 15	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
1 2	18.159.9.120 18.159.9.120	16509 (AMAZON-02) (AMAZON-02)
1	104.103.102.147 104.103.102.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.29.233.77 52.29.233.77	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.145 185.86.138.145	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2.18.79.136 2.18.79.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	3.121.59.219 3.121.59.219	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 8	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 7	184.51.9.44 184.51.9.44	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
4 4	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:cb0... 2a02:6ea0:cb00::2	60068 (CDN77 ^_^) (CDN77 ^_^)
2 3	34.247.1.169 34.247.1.169	16509 (AMAZON-02) (AMAZON-02)
2	104.96.159.57 104.96.159.57	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	34.248.125.130 34.248.125.130	16509 (AMAZON-02) (AMAZON-02)
1	52.218.122.40 52.218.122.40	16509 (AMAZON-02) (AMAZON-02)
3 3	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 5	139.162.172.91 139.162.172.91	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	139.162.141.41 139.162.141.41	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	193.135.9.126 193.135.9.126	48314 (IP-PROJECTS) (IP-PROJECTS)
1	52.48.197.119 52.48.197.119	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.222.214.97 52.222.214.97	16509 (AMAZON-02) (AMAZON-02)
2 3	44.197.9.232 44.197.9.232	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.228.8.136 54.228.8.136	16509 (AMAZON-02) (AMAZON-02)
1 1	3.75.14.26 3.75.14.26	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.174.3 3.123.174.3	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2.18.69.48 2.18.69.48	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:223... 2600:9000:223f:5a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	13.108.249.7 13.108.249.7	14340 (SALESFORCE) (SALESFORCE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	13.110.46.224 13.110.46.224	() ()
151	66

1 12.227.185.50 (Lyndhurst, United States) 1 redirects

ASN20072 (WEBSTER-BANK, US)

www.websterbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 12.227.185.68 (Lyndhurst, United States) 1 redirects

ASN20072 (WEBSTER-BANK, US)

www.websteronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 3.218.70.254 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-70-254.compute-1.amazonaws.com

public.websteronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 12.227.185.69 (Lyndhurst, United States)

ASN20072 (WEBSTER-BANK, US)

static.websteronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.108.248.6 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ord.la1-c1cs-ord.salesforceliveagent.com

c.la1-c1cs-ord.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:11a::6867:4841 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4848 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 92.123.36.220 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-220.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.103.105.16 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-105-16.deploy.static.akamaitechnologies.com

libs.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tmscdn.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.adreadyclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f6.1e100.net

5724674.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.4.236 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

pixelconnector.adready.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.86.136.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-136-12.compute-1.amazonaws.com

data.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.9.120 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-9-120.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.102.147 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-102-147.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.233.77 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-233-77.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.145 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.59.219 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-59-219.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 77.243.60.138 (Aalborg, Denmark) 7 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.51.9.44 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-44.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.249 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Schopfheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.198.126.47 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:cb00::2 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.247.1.169 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-1-169.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.159.57 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.125.130 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-125-130.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.122.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.213 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.172.91 (Frankfurt am Main, Germany) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1489-91.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.41 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: tags1.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.126 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.197.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-197-119.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-97.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.197.9.232 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-9-232.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.8.136 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-8-136.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.14.26 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-14-26.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.174.3 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-174-3.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Littleton, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.69.48 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-48.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:5a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.108.249.7 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ord.la1-c2-ord.salesforceliveagent.com

d.la1-c2-ord.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.46.224 (None, )

ASN- ()

d.la4-c2-ia5.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	websteronline.com 2 redirects www.websteronline.com — Cisco Umbrella Rank: 323791 public.websteronline.com — Cisco Umbrella Rank: 364317 static.websteronline.com — Cisco Umbrella Rank: 344404	3 MB
20	adform.net 4 redirects a2.adform.net — Cisco Umbrella Rank: 6023 s2.adform.net — Cisco Umbrella Rank: 6100 c1.adform.net — Cisco Umbrella Rank: 614 dmp.adform.net — Cisco Umbrella Rank: 4683	41 KB
12	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1002	48 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	173 KB
8	semasio.net 7 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1041 se.semasio.net — Cisco Umbrella Rank: 24645	5 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 588	233 KB
7	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 935	7 KB
7	doubleclick.net 5 redirects 5724674.fls.doubleclick.net — Cisco Umbrella Rank: 883253 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	4 KB
7	coremetrics.com libs.coremetrics.com — Cisco Umbrella Rank: 13703 data.coremetrics.com — Cisco Umbrella Rank: 13406 tmscdn.coremetrics.com — Cisco Umbrella Rank: 13616	52 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 25854 tags.adsafety.net — Cisco Umbrella Rank: 162505	10 KB
5	exelator.com 4 redirects loadm.exelator.com — Cisco Umbrella Rank: 1477 load77.exelator.com — Cisco Umbrella Rank: 2498 loada.exelator.com — Cisco Umbrella Rank: 23043	4 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 428	5 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2379	3 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3176	1 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 708	804 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28 region1.google-analytics.com — Cisco Umbrella Rank: 2852	20 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 378	12 KB
3	salesforceliveagent.com c.la1-c1cs-ord.salesforceliveagent.com — Cisco Umbrella Rank: 242082 d.la1-c2-ord.salesforceliveagent.com — Cisco Umbrella Rank: 131404 d.la4-c2-ia5.salesforceliveagent.com	43 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 430	579 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 13777	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10667	527 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 727	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 211	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 344	529 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 524	654 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1523	943 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 282	486 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 6103	694 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 671	823 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8962 www.google.de — Cisco Umbrella Rank: 6301	1 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	adready.com pixelconnector.adready.com — Cisco Umbrella Rank: 38947	958 B
2	rlcdn.com di.rlcdn.com — Cisco Umbrella Rank: 1939 idsync.rlcdn.com — Cisco Umbrella Rank: 329	140 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	33 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 95	53 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 217	616 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 318	14 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1184	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 376	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 22260	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 712	241 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1039	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 456	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 2109	72 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 455	491 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 19468	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 686	225 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 515	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 36816	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 24734	406 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 1805	273 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 940	344 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1248	99 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 716	797 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626	21 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 667	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 2179	522 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 18561	343 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	15 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	204 B
1	adreadyclick.com tracker.adreadyclick.com — Cisco Umbrella Rank: 35982	3 KB
1	websterbank.com 1 redirects www.websterbank.com	252 B
151	65

	Domain	Requested by
28	public.websteronline.com	1 redirects public.websteronline.com
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
12	tags.tiqcdn.com	public.websteronline.com tags.tiqcdn.com
11	www.googletagmanager.com	tags.tiqcdn.com www.googletagmanager.com public.websteronline.com
7	pixel.mathtag.com	2 redirects a2.adform.net pixel.mathtag.com
7	use.typekit.net	public.websteronline.com use.typekit.net
5	cm.adsafety.net	4 redirects c1.adform.net
5	se.semasio.net	4 redirects c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	a2.adform.net	2 redirects public.websteronline.com a2.adform.net
4	libs.coremetrics.com	tags.tiqcdn.com libs.coremetrics.com tmscdn.coremetrics.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	pixel.onaudience.com	3 redirects
3	sync.crwdcntrl.net	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	bat.bing.com	tags.tiqcdn.com bat.bing.com public.websteronline.com
3	www.websteronline.com	1 redirects static.websteronline.com
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	loada.exelator.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	ib.adnxs.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.google-analytics.com	www.googletagmanager.com public.websteronline.com
2	tmscdn.coremetrics.com	libs.coremetrics.com tmscdn.coremetrics.com
2	pixelconnector.adready.com	static.websteronline.com
2	5724674.fls.doubleclick.net	1 redirects tags.tiqcdn.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	www.youtube.com	public.websteronline.com www.youtube.com
2	static.websteronline.com	public.websteronline.com
1	d.la4-c2-ia5.salesforceliveagent.com	c.la1-c1cs-ord.salesforceliveagent.com
1	bam.nr-data.net	js-agent.newrelic.com
1	d.la1-c2-ord.salesforceliveagent.com	c.la1-c1cs-ord.salesforceliveagent.com
1	js-agent.newrelic.com	public.websteronline.com
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	sync-t1.taboola.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net	public.websteronline.com
1	www.google.de	public.websteronline.com
1	www.google.com	public.websteronline.com
1	adservice.google.de	adservice.google.com
1	region1.google-analytics.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	adservice.google.com	5724674.fls.doubleclick.net
1	data.coremetrics.com	public.websteronline.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.facebook.com	public.websteronline.com
1	tracker.adreadyclick.com	tags.tiqcdn.com
1	s2.adform.net	public.websteronline.com
1	di.rlcdn.com	tags.tiqcdn.com
1	p.typekit.net	use.typekit.net
1	c.la1-c1cs-ord.salesforceliveagent.com	public.websteronline.com
1	www.websterbank.com	1 redirects
151	86

This site contains links to these domains. Also see Links.

Domain
www.websteronline.com
snb.com
www.snb.com
careers.websteronline.com
webster.gcs-web.com
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
public.websteronline.com Entrust Certification Authority - L1K	`2022-06-03` - `2023-06-03`	a year	crt.sh
la1-c1cs-ord.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-03` - `2023-02-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
static.websteronline.com Entrust Certification Authority - L1M	`2022-07-28` - `2023-08-23`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
www.websteronline.com Entrust Certification Authority - L1M	`2022-05-25` - `2023-06-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.coremetrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-27` - `2023-05-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2023-04-01`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
la1-c2-ord.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-03` - `2023-02-01`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
la4-c2-ia5.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-07` - `2023-09-07`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://public.websteronline.com/
Frame ID: 1DD1056329788B0D80D2083E1500DFB4
Requests: 95 HTTP requests in this frame

Frame: https://di.rlcdn.com/468366.html?pdata=page_id%3DHOME
Frame ID: 44439E2AFD17F83E47F55B970825B52C
Requests: 1 HTTP requests in this frame

Frame: https://5724674.fls.doubleclick.net/activityi;dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692
Frame ID: D741A6F418CB920E5E8ADBB2CB502C95
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692;~oref=https://public.websteronline.com/
Frame ID: F5DC0AADA021AFF513BBB15B9BA7EBAC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692;~oref=https://public.websteronline.com/
Frame ID: 2AB49618FB990400EF22507BA5D61A22
Requests: 1 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2011421&lid=75390525&ctype=0&media=0&PageName=public.websteronline.com%2f&rnd=1176891521&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2f
Frame ID: D47C3C8FBBE8386B6DA2C5EDC2AB9B79
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Frame ID: 59F19DABAF4816C509E34FA9B4ACAFE7
Requests: 46 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=d4cc6339-6c25-4f00-8366-62173813d0a5&no_iframe=1&mt_adid=206701&source=mathtag
Frame ID: 90B857DD5E1445EEA414DAFBC0B51622
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webster Bank | Banking, Lending, Investments & Private BankWebster-monogram

Page URL History Show full URLs

http://www.websterbank.com/ HTTP 301
https://www.websteronline.com/ HTTP 302
https://public.websteronline.com/ Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

drupal\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

151
Requests

83 %
HTTPS

21 %
IPv6

65
Domains

86
Subdomains

66
IPs

10
Countries

3607 kB
Transfer

5214 kB
Size

105
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.websteronline.com/bank/ds?action=df_reqUsername-reqUsername
Title: Forgot your username?

Search URL Search Domain Scan URL

URL: https://www.websteronline.com/bank/ds?action=df_logincontroller-PasswordReset&relogin=true
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.websteronline.com/bank/enroll
Title: Enroll

Search URL Search Domain Scan URL

URL: https://snb.com/
Title: snb.com

Search URL Search Domain Scan URL

URL: https://www.snb.com/sterling-webster-merger/
Title: Merger Page

Search URL Search Domain Scan URL

URL: https://careers.websteronline.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://webster.gcs-web.com/news-releases/news-release-details/webster-sterling-complete-merger
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.facebook.com/websterbank
Title: Visit us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/WebsterBank
Title: Visit us on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/webster-bank
Title: Visit us on Linkedin

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/officialwebsterbank/
Title: Visit us on Pinterest

Search URL Search Domain Scan URL

URL: https://www.youtube.com/websterfinancial
Title: Visit us on Youtube

Search URL Search Domain Scan URL

URL: https://webster.gcs-web.com/
Title: Investor Relations

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.websterbank.com/ HTTP 301
https://www.websteronline.com/ HTTP 302
https://public.websteronline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://public.websteronline.com/wolstatic/js/vendor/common2.js HTTP 302
https://static.websteronline.com/wolstatic/js/vendor/common2.js

Request Chain 55

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 59

https://5724674.fls.doubleclick.net/activityi;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692 HTTP 302
https://5724674.fls.doubleclick.net/activityi;dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692

Request Chain 92

https://a2.adform.net/Serving/TrackPoint/?pm=2011421&ADFdivider=|&ord=947806812441&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2011421&ADFdivider=|&ord=947806812441&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 97

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=8748632250128668555&Expiration=1665917221 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=8748632250128668555&Expiration=1665917221

Request Chain 100

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8748632250128668555&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8748632250128668555&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=0ad68b4d4d1a49239f4f39b8d715c00f HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=c3498e8f5819102f762b2ab489dfc98e8f8d158406e4b9b35f336092ef7204e7

Request Chain 102

https://ups.analytics.yahoo.com/ups/55944/sync?uid=8748632250128668555&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=8748632250128668555&_origin=1&verify=true

Request Chain 104

https://x.bidswitch.net/sync?dsp_id=70&user_id=8748632250128668555 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=8748632250128668555 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2549d405-f98a-4f69-ae20-404f8425a147

Request Chain 105

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8748632250128668555&expiration=1665917221 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8748632250128668555&expiration=1665917221&C=1

Request Chain 106

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8748632250128668555&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8748632250128668555&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=8748632250128668555&gdpr=&gdpr_consent=&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=878b6339-6c25-4a00-a86a-2481e9e498b0&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fse.semasio.net%252Fsync%252F1%252F4354957%253FsExtCookieId%253D%2524UID%2526sInitiator%253Dinternal%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=513279996183859826&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NkJEQjQwMzgwMENGNUM1RA&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKWF1jhYs-c5fOxABWzgi6k&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEKWF1jhYs-c5fOxABWzgi6k&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7149864793900316817&sInitiator=internal&gdpr=0&gdpr_consent=

Request Chain 108

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8748632250128668555 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8748632250128668555&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 110

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8748632250128668555/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8748632250128668555/gdpr=/gdpr_consent=

Request Chain 113

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 114

https://pixel.onaudience.com/?mapped=8748632250128668555&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9f5feb0f4a6fb973/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ed60bd09feea7ac1ecf0b728831f6510&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 115

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8748632250128668555 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM120221002101fd64fe4f6ce9ce0244&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=ceed9a3b4a14ad1e90b23bd6a63afc5a HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120221002101fd64fe4f6ce9ce0244&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=ceed9a3b4a14ad1e90b23bd6a63afc5a&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjEwMDIxMDFmZDY0ZmU0ZjZjZTljZTAyNDQ HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEM1U-NUwEFrA6BT16OXiR3A&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120221002101fd64fe4f6ce9ce0244 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8748632250128668555

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODc0ODYzMjI1MDEyODY2ODU1NQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBp0f9ypYIfCfyKdpCjQzWw&google_cver=1&google_ula=1641347,0

Request Chain 118

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=3361407334220842506&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=8748632250128668555

Request Chain 122

https://a.audrte.com/a?adform_uid=8748632250128668555 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEB4LqaWfpWm3f7s9x35F8H0&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 123

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8748632250128668555&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=8748632250128668555&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=00000040133658086954499578533430860806&noredirect=1

Request Chain 124

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8748632250128668555 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217093104292001267621

Request Chain 125

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7149864793900316817

Request Chain 127

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=878b6339-6c25-4a00-a86a-2481e9e498b0

Request Chain 128

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=XIX3KoPP1OEWuW5

Request Chain 132

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=495247169 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=PlVJmTzURs5dGNFS6yTmnu

Request Chain 134

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8748632250128668555 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8748632250128668555&cs=1

Request Chain 136

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=8748632250128668555&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=8748632250128668555&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=ca2842f3-6207-41ad-bca1-9534acb4b12f

151 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
public.websteronline.com/
Redirect Chain

http://www.websterbank.com/
https://www.websteronline.com/
https://public.websteronline.com/

121 KB
33 KB

622ms
188ms

Document
text/html

3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bd2bc77a246628e8dc27f6a85a6e461603e516e55d09c0cd7135da7c5d9a8d32

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'unsafe-inline' 'unsafe-eval' 'self' data: https:; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 296
cache-control: max-age=3600, public
content-encoding: gzip
content-language: en
content-length: 32837
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'unsafe-inline' 'unsafe-eval' 'self' data: https:; report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 10:46:56 GMT
etag: "1664641641"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Sat, 01 Oct 2022 16:27:21 GMT
link: <https://public.websteronline.com/>; rel="canonical", <https://public.websteronline.com/>; rel="shortlink"
permissions-policy: interest-cohort=()
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie
via: varnish
x-ah-environment: prod
x-cache: HIT
x-cache-hits: 54
x-content-type-options: nosniff
x-drupal-cache: HIT
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-request-id: v-b0669c6a-41a7-11ed-b447-7baa14036b9a
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 217
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 02 Oct 2022 10:46:56 GMT
Keep-Alive: timeout=15, max=494
Location: https://public.websteronline.com/
Server: Apache

GET
H/1.1

200
OK

common2.js Show response
static.websteronline.com/wolstatic/js/vendor/
Redirect Chain

https://public.websteronline.com/wolstatic/js/vendor/common2.js
https://static.websteronline.com/wolstatic/js/vendor/common2.js

1 KB
1 KB

463ms
126ms

Script
application/javascript

12.227.185.69
WEBSTER-BANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/
Protocol: HTTP/1.1
Server: 12.227.185.69 Lyndhurst, United States, ASN20072 (WEBSTER-BANK, US),
Reverse DNS
Software: /
Resource Hash: 7f10b60a29ff558ff7052f1b93569d36cb1fff71b3ee347fafdf1e2d6f8960b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 10:46:57 GMT
Content-Encoding: gzip
Via: 1.1 google
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: Prod
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0

Redirect headers

date: Sun, 02 Oct 2022 10:46:56 GMT
via: varnish
x-content-type-options: nosniff
server: nginx
age: 0
x-cache: MISS
content-type: text/html; charset=iso-8859-1
location: https://static.websteronline.com/wolstatic/js/vendor/common2.js
cache-control: max-age=1209600
content-length: 247
x-request-id: v-890c946a-423f-11ed-bef3-0ff4c4b61e21
expires: Sun, 16 Oct 2022 10:46:56 GMT

GET
H2 200 css_9SgBeTyIU13EmMEhEzu_dLcIslwSEYSO-PJC1ztPSGg.css
public.websteronline.com/sites/default/files/css/ 7 KB
3 KB 96ms
95ms Stylesheet
text/css 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/sites/default/files/css/css_9SgBeTyIU13EmMEhEzu_dLcIslwSEYSO-PJC1ztPSGg.css

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f52801793c88535dc498c121133bbf74b708b25c1211848ef8f242d73b4f4868

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Thu, 06 Oct 2022 01:18:08 GMT
date: Sun, 02 Oct 2022 10:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 898128
x-cache: HIT
x-ah-environment: prod
content-length: 2230
x-request-id: v-6acc383a-3a14-11ed-b845-5bc5064ce8fe
last-modified: Sat, 27 Aug 2022 15:00:22 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 286751

GET
H2 200 css_Klo6eL0sL4dOc0SWBkYaFI2yLmePPjl2TrgUdyLh2is.css
public.websteronline.com/sites/default/files/css/ 626 KB
100 KB 96ms
96ms Stylesheet
text/css 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/sites/default/files/css/css_Klo6eL0sL4dOc0SWBkYaFI2yLmePPjl2TrgUdyLh2is.css

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2a5a3a78bd2c2f874e73449606461a148db22e678f3e39764eb8147722e1da2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Thu, 06 Oct 2022 01:18:08 GMT
date: Sun, 02 Oct 2022 10:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 898128
x-cache: HIT
x-ah-environment: prod
content-length: 101773
x-request-id: v-6acc3eb6-3a14-11ed-9b24-9b3a732aceb2
last-modified: Thu, 25 Aug 2022 01:06:35 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 324026

GET
H2 200 Homepage_Hero.jpg
public.websteronline.com/sites/default/files/styles/hero_basic/public/2022-01/ 349 KB
349 KB 159ms
157ms Image
image/jpeg 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.websteronline.com/sites/default/files/styles/hero_basic/public/2022-01/Homepage_Hero.jpg?itok=3V6_S3f0

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0dc34c40ab9306e51a525d3d6e4f3a3211d2c196b69cf902db18d1d826f1bd48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Thu, 06 Oct 2022 01:18:08 GMT
date: Sun, 02 Oct 2022 10:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 356635
x-request-id: v-6acc48a2-3a14-11ed-92a1-c7262aed4c4f
last-modified: Fri, 28 Jan 2022 23:05:45 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 119404

GET
H2 200 webster-sterling_3.png
public.websteronline.com/sites/default/files/styles/promo_media_extra_large_1x/public/2021-04/ 68 KB
68 KB 159ms
158ms Image
image/png 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.websteronline.com/sites/default/files/styles/promo_media_extra_large_1x/public/2021-04/webster-sterling_3.png?itok=D-ALM1q4

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f702e403f2f0bca7e1b1ab8a6b6e2ce20036d4bd96fa66c4cb8d87a24c378e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Thu, 06 Oct 2022 01:18:08 GMT
date: Sun, 02 Oct 2022 10:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 69570
x-request-id: v-6acd2e84-3a14-11ed-b056-7b7f0491a1f7
last-modified: Tue, 20 Apr 2021 02:08:03 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 65142

GET
H2 200 Andruzzi.png
public.websteronline.com/sites/default/files/styles/card_318x180/public/2020-04/ 84 KB
84 KB 160ms
158ms Image
image/png 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.websteronline.com/sites/default/files/styles/card_318x180/public/2020-04/Andruzzi.png?itok=NAqukDF7

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

df95333b7ee62228a6066816556103d8f785497bb030e8c0c72170bb815c2e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Thu, 06 Oct 2022 01:18:08 GMT
date: Sun, 02 Oct 2022 10:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 85955
x-request-id: v-6ace776c-3a14-11ed-b6bb-a73019c98416
last-modified: Tue, 09 Jun 2020 12:14:34 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 131601

GET
H2 200 hsa_endorse_FDIC_4c_rgb_0.png
public.websteronline.com/sites/default/files/styles/card_211x211/public/2020-06/ 26 KB
26 KB 159ms
158ms Image
image/png 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.websteronline.com/sites/default/files/styles/card_211x211/public/2020-06/hsa_endorse_FDIC_4c_rgb_0.png?itok=Cx6jgLek

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

35de833a1ccd38081bb51ca4c1424148f8ba09933b78401b959f8567274078c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Thu, 06 Oct 2022 01:18:08 GMT
date: Sun, 02 Oct 2022 10:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 26512
x-request-id: v-6ace85fe-3a14-11ed-98e1-3303b26ce07e
last-modified: Thu, 18 Jun 2020 18:33:22 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 129081

GET
H2 200 drupal-jquery.js Show response
public.websteronline.com/themes/custom/particle/dist/app-drupal/assets/ 89 KB
90 KB 95ms
95ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/themes/custom/particle/dist/app-drupal/assets/drupal-jquery.js?rj30g1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

839b6256db7eb4ee47f9f0912ec869b50a619e853431d4b6e65abfd9154b852a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 22453
date: Sun, 02 Oct 2022 10:46:56 GMT
via: varnish
x-content-type-options: nosniff
age: 67599
x-cache: HIT
x-ah-environment: prod
content-length: 91564
x-request-id: v-24b6fd4a-41a2-11ed-9d83-6ffeb15029ed
last-modified: Fri, 29 Apr 2022 01:10:28 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 15 Oct 2022 16:00:17 GMT

GET
H2 200 element.matches.js Show response
public.websteronline.com/core/misc/polyfills/ 285 B
656 B 95ms
94ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/misc/polyfills/element.matches.js?v=9.3.19

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ddb9c86b7030bea52fb8beafcc9efc078c1a8384b00034b39b2519a943215932

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 319000
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898128
x-cache: HIT
x-ah-environment: prod
content-length: 285
x-request-id: v-6ace78a2-3a14-11ed-ad06-c3a6999c2513
last-modified: Fri, 25 Feb 2022 02:06:41 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 object.assign.js Show response
public.websteronline.com/core/misc/polyfills/ 922 B
1 KB 95ms
94ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/misc/polyfills/object.assign.js?v=9.3.19

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b0f142e8f3015a755a51e3f3511ffb0faa1b6c2dd82b15769c5405541c2d9453

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 319108
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898128
x-cache: HIT
x-ah-environment: prod
content-length: 922
x-request-id: v-6ace9dbe-3a14-11ed-8030-efdad5b4bbaa
last-modified: Fri, 25 Feb 2022 02:05:52 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 once.min.js Show response
public.websteronline.com/core/assets/vendor/once/ 1 KB
2 KB 94ms
94ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/assets/vendor/once/once.min.js?v=1.0.1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 315967
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898128
x-cache: HIT
x-ah-environment: prod
content-length: 1357
x-request-id: v-6ace9170-3a14-11ed-a37e-0b90053a4733
last-modified: Fri, 25 Feb 2022 02:09:11 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 jquery.once.min.js Show response
public.websteronline.com/core/assets/vendor/jquery-once/ 908 B
1 KB 95ms
95ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 318756
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898128
x-cache: HIT
x-ah-environment: prod
content-length: 908
x-request-id: v-6acec294-3a14-11ed-bbdb-bf63a937649c
last-modified: Sat, 02 Jan 2021 10:55:00 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 drupalSettingsLoader.js Show response
public.websteronline.com/core/misc/ 518 B
890 B 94ms
94ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/misc/drupalSettingsLoader.js?v=9.3.19

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

26397bfd8b42061dd946d0b7466e0e34a727cf96a549026d0d050b60f1bce4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 318434
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 518
x-request-id: v-6ace947c-3a14-11ed-8611-e301449d1bc3
last-modified: Fri, 25 Feb 2022 02:10:01 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 drupal.js Show response
public.websteronline.com/core/misc/ 6 KB
7 KB 95ms
94ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/misc/drupal.js?v=9.3.19

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

89b409b82a82e4159afd9a7d4240426f723e28ea599002c9b7ab7f82f7122c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 316061
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 6388
x-request-id: v-6aceaa2a-3a14-11ed-a582-e7774dbe179a
last-modified: Fri, 25 Feb 2022 02:07:29 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 drupal.init.js Show response
public.websteronline.com/core/misc/ 733 B
1 KB 95ms
95ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/misc/drupal.init.js?v=9.3.19

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

44cf0c7aebe493ef98b42bd6f0af1892712b28fc0d3395b85817c78ebbe196f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 318667
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 733
x-request-id: v-6acea4c6-3a14-11ed-9001-b32bbaa50cb5
last-modified: Fri, 25 Feb 2022 02:06:41 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 picturefill.min.js Show response
public.websteronline.com/core/assets/vendor/picturefill/ 12 KB
12 KB 94ms
94ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/assets/vendor/picturefill/picturefill.min.js?v=3.0.3

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 205583
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 11807
x-request-id: v-6aceb6b4-3a14-11ed-9619-27e82606de2b
last-modified: Sat, 02 Jan 2021 10:56:08 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 app.js Show response
public.websteronline.com/themes/custom/particle/dist/app-drupal/assets/ 1 MB
1 MB 95ms
95ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/themes/custom/particle/dist/app-drupal/assets/app.js?rj30g1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9f097b3f97e5b5bdd409eaacf86a583fb5afea65048c7c583e794ef70143ca35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 22735
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 67600
x-cache: HIT
x-ah-environment: prod
content-length: 1454423
x-request-id: v-24b8b95a-41a2-11ed-aeb5-470ea5ee58f7
last-modified: Thu, 22 Sep 2022 01:13:38 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 15 Oct 2022 16:00:17 GMT

GET
H2 200 tealiumiq_async.js Show response
public.websteronline.com/modules/contrib/tealiumiq/js/ 364 B
736 B 163ms
162ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/contrib/tealiumiq/js/tealiumiq_async.js?v=1.x

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a2c3e2ecfe9623ad36c8f2de9769e281dd6b81956b5767811dde9f0a5bf719f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 319526
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 364
x-request-id: v-6acf871a-3a14-11ed-80db-5f2f3ddadfaf
last-modified: Sat, 02 Jan 2021 11:21:57 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H/1.1 200
OK deployment.js Show response
c.la1-c1cs-ord.salesforceliveagent.com/content/g/js/40.0/ 41 KB
41 KB 2213ms
612ms Script
application/javascript 13.108.248.6
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.la1-c1cs-ord.salesforceliveagent.com/content/g/js/40.0/deployment.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.108.248.6 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: dcl1-ord.la1-c1cs-ord.salesforceliveagent.com
Software: Jetty /
Resource Hash: e2d67cfe851ac40b0ff20ccf8e923e97ff3413754725b80fd7ff0d677a45f352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:46:59 GMT
Cache-Control: max-age=60, must-revalidate
Last-Modified: Fri, 23 Sep 2022 16:52:54 GMT
Server: Jetty
Accept-Ranges: bytes
Content-Length: 41924
Content-Type: application/javascript

GET
H2 200 wb_chat.js Show response
public.websteronline.com/modules/custom/wb_help/js/ 1 KB
2 KB 161ms
158ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/custom/wb_help/js/wb_chat.js?v=1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9c6977d24e8c6c18c26cb9ab610f3c57ef9a1c7e9a3c4afadd3b73afada620a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 316994
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 1361
x-request-id: v-6acf86fc-3a14-11ed-83ff-bfd14c8b18e0
last-modified: Sat, 02 Jan 2021 10:55:00 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 68ms
31ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad3e96cb4461ada912c601d7163ea04a2ce8b5021c82d77a1eb1c8c13f81c29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:46:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 02 Oct 2022 10:46:57 GMT

GET
H2 200 wb_tealium_events.js Show response
public.websteronline.com/modules/custom/wb_tealium/js/ 9 KB
9 KB 159ms
156ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/custom/wb_tealium/js/wb_tealium_events.js?v=1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f3aa698421d8695e0939a7563f724929382a02482af32d929feb740db8ced6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 316198
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 9096
x-request-id: v-6acf946c-3a14-11ed-8832-ab812b43b076
last-modified: Sat, 02 Jan 2021 11:21:49 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 wb_tealium_video_track.js Show response
public.websteronline.com/modules/custom/wb_tealium/js/ 6 KB
7 KB 159ms
156ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/custom/wb_tealium/js/wb_tealium_video_track.js?v=1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2591fd111282640eadb9d5c774538f2b954ef7bac402ca16ed924524c70f9054

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 316999
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 6328
x-request-id: v-6acfa272-3a14-11ed-a637-f380276b27f7
last-modified: Sat, 02 Jan 2021 11:21:57 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 wb_tealium_scroll_tracker.js Show response
public.websteronline.com/modules/custom/wb_tealium/js/ 3 KB
4 KB 160ms
157ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/custom/wb_tealium/js/wb_tealium_scroll_tracker.js?v=1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5a1eb8e4013c14c39bbf864db74557aaf52f22451957a251ccf7780a3e8b13dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 311081
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 3295
x-request-id: v-6acf9642-3a14-11ed-9c7d-238691092611
last-modified: Sat, 02 Jan 2021 10:55:03 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 jquery.once.bc.js Show response
public.websteronline.com/core/misc/ 1 KB
2 KB 159ms
157ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/core/misc/jquery.once.bc.js?v=9.3.19

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

918f37e0a3d838b34a1003f2dc3de23752d6042b376f0e5c817f35bcbaaa10b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 316046
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 1274
x-request-id: v-6acf9c14-3a14-11ed-bf6f-53ab486349f2
last-modified: Fri, 25 Feb 2022 02:10:01 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 extlink.js Show response
public.websteronline.com/modules/contrib/extlink/ 12 KB
12 KB 159ms
156ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/contrib/extlink/extlink.js?v=9.3.19

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

478d1cd080ad8a570bb3950719f296d39c07e52a3b867cdd0f822ab9236fc33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 319248
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 898129
x-cache: HIT
x-ah-environment: prod
content-length: 12177
x-request-id: v-6acff646-3a14-11ed-857e-9f6d4e08541d
last-modified: Fri, 25 Feb 2022 02:05:53 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 06 Oct 2022 01:18:08 GMT

GET
H2 200 app.js Show response
public.websteronline.com/modules/custom/wb_theme/js/dist/js/ 73 KB
74 KB 158ms
156ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/custom/wb_theme/js/dist/js/app.js?rj30g1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

192ca80b2e302c493bcd16c17c17fe82166609c2f2587ed6e9db3798636db5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 22216
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 67600
x-cache: HIT
x-ah-environment: prod
content-length: 75135
x-request-id: v-24b9d376-41a2-11ed-8ebb-b31ee754663d
last-modified: Fri, 25 Feb 2022 02:05:54 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 15 Oct 2022 16:00:17 GMT

GET
H2 200 chunk-vendors.js Show response
public.websteronline.com/modules/custom/wb_theme/js/dist/js/ 300 KB
300 KB 159ms
157ms Script
application/javascript 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://public.websteronline.com/modules/custom/wb_theme/js/dist/js/chunk-vendors.js?rj30g1

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

193ff2841cfb913913f1eb4738e9b97d662a810f0b17202c0153b549e90f6a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 22229
date: Sun, 02 Oct 2022 10:46:57 GMT
via: varnish
x-content-type-options: nosniff
age: 67600
x-cache: HIT
x-ah-environment: prod
content-length: 306801
x-request-id: v-24b9dae2-41a2-11ed-9032-1bc29b4eb070
last-modified: Fri, 25 Feb 2022 02:09:13 GMT
server: nginx
vary: Host,X-Forwarded-Proto
content-type: application/javascript
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 15 Oct 2022 16:00:17 GMT

GET
H/1.1 200
OK common2.js Show response
static.websteronline.com/wolstatic/js/vendor/ 238 KB
140 KB 126ms
126ms Script
application/javascript 12.227.185.69
WEBSTER-BANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js?seed=AEDcPpiDAQAArRz0434oH4lmjP4zWipcNn_ZsxG0XXLEnxonbHpeRpzZdmCZ&liLH9u0HBU--z=q
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/wolstatic/js/vendor/common2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 12.227.185.69 Lyndhurst, United States, ASN20072 (WEBSTER-BANK, US),
Reverse DNS
Software: /
Resource Hash: 08e6f881f57526c9082a4926dc60d6802efd99e7d2c15414183a33206b6e5c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Ion-Hop: Prod
Date: Sun, 02 Oct 2022 10:46:57 GMT
Cache-Control: public, max-age=3600, immutable
Content-Encoding: gzip
Via: 1.1 google
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 uuh7eht.css
use.typekit.net/ 9 KB
1 KB 265ms
171ms Stylesheet
text/css 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uuh7eht.css

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/sites/default/files/css/css_Klo6eL0sL4dOc0SWBkYaFI2yLmePPjl2TrgUdyLh2is.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

cf18577fc2a0d7bc0fa771e517ecd6a876933f6f184b94140627b3f7e8ea9b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sun, 02 Oct 2022 10:46:58 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1091

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 100ms
21ms Stylesheet
text/css 2a02:26f0:11a::6867:4848
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uuh7eht&ht=tk&f=15498.15501.15505.15506.15507.15508.15509.15510.22792.22793.40090.40092&a=14144847&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4848 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 02 Oct 2022 10:46:58 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/923169/00000000000000007735a459/30/ 55 KB
55 KB 107ms
55ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/923169/00000000000000007735a459/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b6d66cbb6aedd432591d189cd4bab78979b29c4f7f623580e78f7df6377b9bc9

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:46:58 GMT
server: nginx
etag: "8c3956c31ac6bc8e2d2af7a32c3353a2328dc1a5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 56488

GET
H2 200 l
use.typekit.net/af/dec5ec/00000000000000007735a096/30/ 31 KB
31 KB 73ms
22ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dec5ec/00000000000000007735a096/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ceff9bae085d2dacab8d16c406bf4bbe3e8ce1f02b91954a82563e9b751fb6f

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:46:58 GMT
server: nginx
etag: "603db0ed9fa33df2e3c6e1b3bc3619940ea6b934"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31424

GET
H2 200 l
use.typekit.net/af/ac5663/00000000000000007735a458/30/ 53 KB
53 KB 70ms
19ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ac5663/00000000000000007735a458/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 73ca6b2418efd8501e04cec2823bf68e9f1722767a5a439443af543f59b618e9

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:46:58 GMT
server: nginx
etag: "a4cfd76f5aa2d5768b968145729f547d6a560c7b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 54308

GET
H2 200 l
use.typekit.net/af/00cc08/00000000000000007735a0a6/30/ 31 KB
31 KB 88ms
37ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/00cc08/00000000000000007735a0a6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a88f254646cba38a992ddedecc91b44a195dbd684ec248be68262711c98e8673

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:46:58 GMT
server: nginx
etag: "ea39bd98b385c0db31099ce043f89ad0d504d782"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31328

GET
H2 200 l
use.typekit.net/af/9d5bd3/00000000000000007735a09f/30/ 31 KB
31 KB 106ms
55ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9d5bd3/00000000000000007735a09f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7fd476cb8e49274de87d6712c360ca87f2be697d3f04746fd7a0afd9ae8c84b4

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:46:58 GMT
server: nginx
etag: "01c88a1be82b85b10c770c6ae54e4949f8a948f1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31260

GET
H2 200 l
use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/ 30 KB
31 KB 88ms
38ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uuh7eht.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: da3902c6f50673bc0161376b5c4c2871d51f72eeaf43d800cdd89865dd00f6ba

Request headers

Referer: https://use.typekit.net/uuh7eht.css
Origin: https://public.websteronline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:46:58 GMT
server: nginx
etag: "e8f0afc8be1f653a7bff6045a7dc07fba2140a10"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30996

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 66 KB
14 KB 216ms
41ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/modules/contrib/tealiumiq/js/tealiumiq_async.js?v=1.x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a5ab8c088c62497197af8ad29a8c592a9e1c367c18e4bf2a52f099cffe3b69ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:46:58 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 12:41:37 GMT
server: AkamaiNetStorage
etag: "682a108532ba9d4329d132401897592b:1663332097.258267"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 14557
expires: Sun, 02 Oct 2022 10:51:58 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/a336babc/www-widgetapi.vflset/ 156 KB
52 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a336babc/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03bdda2b417d8cff1b2c8293c02685fd1670ca563e5514d74bffc8cd5a108e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:44:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52493
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 02 Oct 2023 10:44:56 GMT

OPTIONS
H/1.1 200
OK ds
www.websteronline.com/bank/ Frame 0
0 1583ms
130ms Preflight
application/javascript 12.227.185.68
WEBSTER-BANK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.websteronline.com/bank/ds?action=df_session-WOLSessionInfo&randomNumber=1664707620407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 12.227.185.68 Lyndhurst, United States, ASN20072 (WEBSTER-BANK, US),
Reverse DNS
Software: WebsterBank /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://public.websteronline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Origin: https://public.websteronline.com
Access-Control-Request-Method: GET, POST
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 134
Content-Type: application/javascript;charset=ISO-8859-1
Date: Sun, 02 Oct 2022 10:47:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=15, max=476
Pragma: no-cache
Server: WebsterBank
Vary: Origin
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK ds Show response
www.websteronline.com/bank/ 134 B
2 KB 128ms
127ms XHR
application/javascript 12.227.185.68
WEBSTER-BANK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.websteronline.com/bank/ds?action=df_session-WOLSessionInfo&randomNumber=1664707620407
Requested by: Host: static.websteronline.com
URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js?seed=AEDcPpiDAQAArRz0434oH4lmjP4zWipcNn_ZsxG0XXLEnxonbHpeRpzZdmCZ&liLH9u0HBU--z=q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 12.227.185.68 Lyndhurst, United States, ASN20072 (WEBSTER-BANK, US),
Reverse DNS
Software: WebsterBank /
Resource Hash: e3d09fc0364013f1df6ceef76b4c1981fc345faefa2090aef85765c2db44b925

Request headers

Accept: */*
Referer: https://public.websteronline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

X-UA-Compatible: IE=edge
Pragma: no-cache
Date: Sun, 02 Oct 2022 10:47:02 GMT
Access-Control-Request-Method: GET, POST
Server: WebsterBank
Vary: Origin
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin: https://public.websteronline.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 134
Keep-Alive: timeout=15, max=475
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Digital_AAU_MediaCard_June2021_SecureTransactions.png
public.websteronline.com/sites/default/files/styles/card_318x180/public/2021-07/ 85 KB
86 KB 189ms
189ms Image
image/png 3.218.70.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.websteronline.com/sites/default/files/styles/card_318x180/public/2021-07/Digital_AAU_MediaCard_June2021_SecureTransactions.png?itok=xiknK81a

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.70.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-70-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cb25d90d09a4de0c2216b8f51ba557483481c64c909abe791fc58d69a3d5c8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Thu, 06 Oct 2022 01:18:07 GMT
date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 898132
x-cache: HIT
x-ah-environment: prod
content-length: 87404
x-request-id: v-6a4809fc-3a14-11ed-9b3e-7ba8a50f1bd6
last-modified: Mon, 19 Jul 2021 21:19:22 GMT
server: nginx
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.websteronline.com
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 181050

GET
H2 200 utag.1.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 42 KB
7 KB 32ms
31ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.1.js?utv=ut4.46.202209161241
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a5df935736aca95e4dd806155e810f075c0dc8c2ee84e5f14ce77a4bb3f1ea53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 13:00:46 GMT
server: AkamaiNetStorage
etag: "5204e8d0784c227c9fac4dbe4bcfe85e:1650891646.519562"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 7080
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.14.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 10 KB
4 KB 30ms
28ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.14.js?utv=ut4.46.202209161241
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 57ce46084c4c06e56db539cc29126d3f06501c22b64a3481120e08de9b24fec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Mon, 21 Oct 2019 18:53:54 GMT
server: AkamaiNetStorage
etag: "39726b5e94d5d8758afc0c758dd7dfb5:1571684034.424146"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3427
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.5.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 13 KB
4 KB 31ms
30ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.5.js?utv=ut4.46.202209161241
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8c5274aec9c4a656a085eda895e156d03470903630f25ba353abb0914fa2061c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 17:56:57 GMT
server: AkamaiNetStorage
etag: "8d7e15d1e8efc709b229595c9f43ab3f:1592589417.945729"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3931
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.27.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 4 KB
2 KB 31ms
30ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.27.js?utv=ut4.46.202209161241
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 083d99083eadbee042030cf8b82b1eaff6a874255778d1a3e2de9699145f3ea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 17:56:56 GMT
server: AkamaiNetStorage
etag: "efdf3ea167bf15464e70e271ce76ce7a:1592589416.014552"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1743
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.65.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 2 KB
1 KB 33ms
32ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.65.js?utv=ut4.46.202209161241
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 244ab27d5c470e357844e3d5e6c6538cbce399e208aa95ad1b7ee6a59ed31b91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Mon, 15 Jun 2020 15:33:35 GMT
server: AkamaiNetStorage
etag: "fb83989ab8f87b740c26bd0aab181c37:1592235215.158438"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1126
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.70.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 4 KB
2 KB 50ms
49ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.70.js?utv=ut4.46.202007081841
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9a15538dd74db0130d015bc98cc75a0b6892c1a14ac9baa3027a1f79a8d86054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 18:41:54 GMT
server: AkamaiNetStorage
etag: "f37d04d8886b9931d486839de52ed19f:1594233714.007087"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1575
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.98.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 11 KB
4 KB 44ms
44ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.98.js?utv=ut4.46.202209161241
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f703617946f9773e55cfb1a7a3f93cbe30ff22a4884d80ccdd9ec3b2d511d5fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:10:51 GMT
server: AkamaiNetStorage
etag: "f9f601d351873bca874d5eb7cf330d3f:1608041451.432111"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3519
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.99.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 25 KB
5 KB 47ms
47ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.99.js?utv=ut4.46.202209161241
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9bd20ff362a87f1b42989e3a1b21e2197f8ebe51e7df4406f8b15d580b0ab50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:10:43 GMT
server: AkamaiNetStorage
etag: "0fa2623e35030995afed466835333836:1608041443.606412"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4594
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.142.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 2 KB
1 KB 45ms
45ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.142.js?utv=ut4.46.202103031155
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4888a2ce4df7aa69c4f4229934c0e11f1b13e7239048949c35070b26a8bee117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 11:55:21 GMT
server: AkamaiNetStorage
etag: "3f8d691d6823d47683c24275f7791078:1614772521.847376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 934
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 utag.194.js Show response
tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/ 13 KB
4 KB 47ms
47ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.194.js?utv=ut4.46.202209161241
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 37b0b955d1f0071245128ed807bcb37c5f2e39fc7983d4c189e21ea26d93e7a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 13:19:29 GMT
server: AkamaiNetStorage
etag: "d73ccd43a40c954e92cb5a333ea2146b:1631193569.72957"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3717
expires: Mon, 17 Oct 2022 10:47:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 40ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 10:47:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: qoR6yrRGQ20bBTRqruIh/0kwPx1ymvKsq/bBjV/MnXVZaY/UTAc+fJ0267N8qMyTIF7ZTy5uHUhRCL0j8TwjRg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 468366.html Show response
di.rlcdn.com/ Frame 4443 0
98 B 82ms
20ms Document
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://di.rlcdn.com/468366.html?pdata=page_id%3DHOME
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.websteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 02 Oct 2022 10:47:00 GMT
via: 1.1 google

GET
H/1.1 200
OK eluminate.js Show response
libs.coremetrics.com/ 158 KB
44 KB 222ms
27ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/eluminate.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5e0764e229eb18802eed3923527b691f10cd1ac9e0c84cfee96ee54bb094b853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 14:38:24 GMT
Server: AkamaiNetStorage
ETag: "83394aeb894a3082735d0600850908f4:1634567904.960225"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

78 KB
30 KB

370ms
20ms

Script
application/javascript

37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/
Protocol: H2
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: faa7c5a62d21d645024e4385c3dfaf01614dffb80b2f51e9aa07b3a35a2c5090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:01 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 11:35:31 GMT
server: nginx
x-amz-request-id: tx00000797019f4f7b1a4a0-0063396125-3293c1b6-default
etag: W/"64271612f9771203ff18d1de033d1b31"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Sun, 02 Oct 2022 10:47:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 156 KB
59 KB 141ms
60ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-957546527

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f950181e9adfff08683e887a79a2fd78d107c38745344ef1d1e04ae87864078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59555
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 10:47:00 GMT

GET
H/1.1 200
OK flip.js Show response
tracker.adreadyclick.com/ 7 KB
3 KB 73ms
37ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.adreadyclick.com/flip.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa7f4d5789e8b7a7745731cb0611becb628ff8fb690239f0d0aa5e6697eb07a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:00 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1634730049
age: 166680
Transfer-Encoding: chunked
x-guploader-uploadid: ADPycdtGWiFkgyNlgihfbzHZv6MbYeEWFJWBy-RiKUDM8B5o6Maw4FUbmLDsO5Q7Z2sPI8NpKVt-KYFK3YhsVyRJ0n97kCnrpA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:40:58 GMT
Server: cloudflare
etag: W/"a32627d19a8f3a50966eb62e7c3077e5"
Vary: Accept-Encoding
x-goog-generation: 1634730058654786
Content-Type: application/javascript
x-goog-hash: crc32c=kXk4yA==, md5=oyYn0ZqPOlCWbrYufDB35Q==
cache-control: public, max-age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8Se1wzIqtsLXOaR9rEKSLyEJiKt9j1%2BtVIpHxL8H0K00eNc%2FHBRs5g4aM%2FcSarBp9AcZjruiZFBZRtTGZswvAp%2F75skoR4YH4kEJmNlYVyxh0jvPY0Vr9jYrrfLQXDQodcD3M24SjEz9ozC4Qwy1sbvSa97V3k%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 6829
CF-RAY: 753cdb84fba9928f-FRA
expires: Fri, 30 Sep 2022 13:29:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 78ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 02 Oct 2022 10:46:59 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EAFA5AC7B80A466EAA0AA6E5A509C1F4 Ref B: FRAEDGE1412 Ref C: 2022-10-02T10:47:00Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H3

200

activityi;dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692 Show response
5724674.fls.doubleclick.net/ Frame D741
Redirect Chain

https://5724674.fls.doubleclick.net/activityi;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692?
https://5724674.fls.doubleclick.net/activityi;dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692?

454 B
380 B

125ms
66ms

Document
text/html

142.251.39.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5724674.fls.doubleclick.net/activityi;dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f6.1e100.net

Software

cafe /

Resource Hash

49d4ee2a8f3a1485de5d4907086d33322eea9412401a0416c19603cf9456a83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://public.websteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 10:47:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 10:47:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5724674.fls.doubleclick.net/activityi;dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 20ms
20ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=websterbank/websterbankd8/202209161241&cb=1664707620596
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/websterbank/websterbankd8/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Sun, 02 Oct 2022 10:57:00 GMT

GET
H3 200 2120588797962114 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 46ms
36ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2120588797962114?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca0da371fc79d5f1483ec0553883cc918449e30d73318832b5454bbe57d0be30

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 10:47:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 84r2Bk+3FeaYCGfvvFCofxKyqJmZA5jN8FfqpGLeRTKHzmp2NHckViMZjmQItUSY5+Szu9jKUMowRcGD3ulw0Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK validate Show response
pixelconnector.adready.com/ 214 B
587 B 527ms
309ms XHR
application/json 104.18.4.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/validate?id=92a7854b-25de-47f3-80ff-975bdad8a39d

Requested by

Host: static.websteronline.com
URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js?seed=AEDcPpiDAQAArRz0434oH4lmjP4zWipcNn_ZsxG0XXLEnxonbHpeRpzZdmCZ&liLH9u0HBU--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.4.236 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b298a3fa127e33d3dd0e7480702da7dbfc0f0aeb653f3dc7ef5baae1b21426b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://public.websteronline.com
Connection: keep-alive
CF-RAY: 753cdb86cb2a918e-FRA

GET
H2 204 5795046.js Show response
bat.bing.com/p/action/ 0
136 B 148ms
148ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5795046.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 02 Oct 2022 10:47:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B268C586DE664E37973235C95AFA8BCC Ref B: FRAEDGE1412 Ref C: 2022-10-02T10:47:00Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800

GET
H2 204 0
bat.bing.com/action/ 0
174 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5795046&Ver=2&mid=a6fae697-1ccb-4d87-881d-e84b2fdc89aa&sid=8b61c970423f11ed884ba90ecbff74ef&vid=8b61ea10423f11ed9adc415c984c0f68&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Webster%20Bank%20%7C%20Banking,%20Lending,%20Investments%20%26%20Private%20Bank&p=https%3A%2F%2Fpublic.websteronline.com%2F&r=&lt=5415&evt=pageLoad&sv=1&rn=776306

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 02 Oct 2022 10:46:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4323D24916334777A9572AFF697A5B71 Ref B: FRAEDGE1412 Ref C: 2022-10-02T10:47:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 26ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2120588797962114&ev=PageView&dl=https%3A%2F%2Fpublic.websteronline.com%2F&rl=&if=false&ts=1664707620734&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.1.1664707620733.432544136&it=1664707620642&coo=false&rqm=GET

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 10:47:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 152ms
73ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-957546527

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 10:47:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 127ms
67ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119140-7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-957546527

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03633ac594fc0b60d1b08a30ad854cb9187029a4cf6f19ec2b495379ce1758b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42389
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 10:47:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 122ms
63ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-79CFNBLNHH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-957546527

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ba0a3350bf38301f691dc3ba4a70dbb243e0aded2594ce513ab8043eee0c98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74972
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 Oct 2022 10:47:00 GMT

GET
H/1.1 200
OK 54290000.js Show response
libs.coremetrics.com/configs/ 125 B
413 B 121ms
120ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/configs/54290000.js
Requested by: Host: libs.coremetrics.com
URL: https://libs.coremetrics.com/eluminate.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d2f65b5b23c8346bf2a6a561789dd547803405f7291e517798c2f048dd0e7318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:00 GMT
Last-Modified: Thu, 12 Jul 2018 18:20:15 GMT
Server: AkamaiNetStorage
ETag: "82e6d8421d893ce68d9bb32d26b20975:1531419713"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 125

GET
H/1.1 200
OK cm
data.coremetrics.com/ 43 B
467 B 411ms
100ms Image
image/gif 3.86.136.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.coremetrics.com/cm?ci=54290000%7Cpublic.websteronline.com&st=1664707620844&vn1=4.23.201&ec=utf-8&vn2=e4.0&pi=HOME&ul=https%3A%2F%2Fpublic.websteronline.com%2F&cjen=1&cjuid=37055009002116647076208&cjsid=98216791664707620870&cjvf=7&tid=6&cg=%3AHOME&rnd=1664714346518&pc=Y&jv=1.8.5&np0=Chrome%20PDF%20Plugin&np1=Chrome%20PDF%20Viewer&np2=Native%20Client&je=n&sw=1600&sh=1200&pd=24&tz=0
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.86.136.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-136-12.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 10:47:01 GMT
Server: Apache
Vary: Host
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Connection: close
Content-Length: 43
Expires: Sat, 01 Oct 2022 10:47:01 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692;~oref=https://public.websteronline.com/ Frame F5DC 453 B
826 B 89ms
53ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692;~oref=https://public.websteronline.com/

Requested by

Host: 5724674.fls.doubleclick.net
URL: https://5724674.fls.doubleclick.net/activityi;dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c00731125693c731167f9305035f5a33e19c76f3dd4a4d50fca8fadb5812577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5724674.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 10:47:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957546527/ 2 KB
2 KB 181ms
100ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957546527/?random=1664707620971&cv=9&fst=1664707620971&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpublic.websteronline.com%2F&tiba=Webster%20Bank%20%7C%20Banking%2C%20Lending%2C%20Investments%20%26%20Private%20Bank&auid=1759383382.1664707621&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b816919c60c84d559056028cab35d79fb159868c266906a8ddbed6474257d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dispatcher-v3.js Show response
tmscdn.coremetrics.com/tms/ 5 KB
2 KB 96ms
19ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tmscdn.coremetrics.com/tms/dispatcher-v3.js
Requested by: Host: libs.coremetrics.com
URL: https://libs.coremetrics.com/eluminate.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 80eb5bb22c350b6e7d6b0d133860eb4ed3cb91a3b8cd301ac00f2aecef47c903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Oct 2020 15:00:35 GMT
Server: AkamaiNetStorage
ETag: "ff46bff054ea5901b77922bfcce5a6b1:1602169236.920624"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1228

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 106ms
28ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119140-7&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 10:27:31 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 1170
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 02 Oct 2022 12:27:31 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 68ms
67ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-119140-7&cv=1&v=3&t=t&pid=920680433&rv=9s0&es=1&e=gtm.init_consent&eid=-1&tc=1&dl=public.websteronline.com%2F&tdp=UA-119140-7;;0;2;0&z=0

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 61ms
60ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=UA-119140-7&cv=1&v=3&t=t&pid=920680433&rv=9s0&es=1&e=gtm.init_consent&eid=-1&tc=1&dl=public.websteronline.com%2F&tdp=UA-119140-7;;0;2;0&z=0
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 111ms
109ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-119140-7&cv=1&v=3&t=t&pid=920680433&rv=9s0&es=1&e=gtm.init&eid=0&tc=1&z=0

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 110ms
108ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-119140-7&cv=1&v=3&t=t&pid=920680433&rv=9s0&es=1&e=gtm.js&eid=1&tc=1&tr=1rep&ti=1rep&z=0

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 112ms
110ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-119140-7&cv=1&v=3&t=t&pid=920680433&rv=9s0&es=1&e=gtag.config&eid=3&tc=1&z=0

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 111ms
109ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-119140-7&cv=1&v=3&t=t&pid=920680433&rv=9s0&es=1&e=gtag.config&eid=4&ut=AAC&tc=1&epr=1UA&tdc=UA-119140-7*AW-957546527&z=0

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 216ms
215ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=UA-119140-7&cv=1&v=3&t=t&pid=920680433&rv=9s0&es=1&e=gtag.config&eid=4&ut=AAC&tc=1&epr=1UA&tdc=UA-119140-7*AW-957546527&z=0
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
353 B 47ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-79CFNBLNHH&gtm=2oe9s0&_p=521973753&gdid=dYmQxMT&cid=862126407.1664707621&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664707621&sct=1&seg=0&dl=https%3A%2F%2Fpublic.websteronline.com%2F&dt=Webster%20Bank%20%7C%20Banking%2C%20Lending%2C%20Investments%20%26%20Private%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79CFNBLNHH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://public.websteronline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692;~oref=https://public.websteronline.com/ Frame 2AB4 194 B
870 B 105ms
53ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692;~oref=https://public.websteronline.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJP_kJOvwfoCFZOumgod6WcPgw;src=5724674;type=pbank_0;cat=webst008;ord=1;num=7755846106180.692;~oref=https://public.websteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 10:47:01 GMT
expires: Sun, 02 Oct 2022 10:47:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK yahoo-min.js Show response
libs.coremetrics.com/ddxlibs/ 7 KB
3 KB 22ms
21ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/ddxlibs/yahoo-min.js
Requested by: Host: tmscdn.coremetrics.com
URL: https://tmscdn.coremetrics.com/tms/dispatcher-v3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c642c7ca52f6c1109ae4f95cc996868b27c2aa5d230bb2fae8b73969093eac17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Aug 2014 12:31:47 GMT
Server: AkamaiNetStorage
ETag: "839e18c2abe9817eb0b63acb4f014aa4:1407414707"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H/1.1 200
OK cp-v3.js Show response
tmscdn.coremetrics.com/tms/54290000/ 12 B
299 B 419ms
419ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tmscdn.coremetrics.com/tms/54290000/cp-v3.js?__t=20221002104701078
Requested by: Host: tmscdn.coremetrics.com
URL: https://tmscdn.coremetrics.com/tms/dispatcher-v3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Last-Modified: Thu, 12 Jul 2018 19:58:59 GMT
Server: AkamaiNetStorage
ETag: "bc6573647ae421e4cd14dcdf34c877ce:1531425539"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12

GET
H/1.1 200
OK json-min.js Show response
libs.coremetrics.com/ddxlibs/ 5 KB
2 KB 19ms
18ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/ddxlibs/json-min.js
Requested by: Host: tmscdn.coremetrics.com
URL: https://tmscdn.coremetrics.com/tms/dispatcher-v3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Aug 2014 12:31:47 GMT
Server: AkamaiNetStorage
ETag: "59d3be5741942c7fca3daff0b2d977ef:1407414707"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2204

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 86ms
28ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=521973753&t=pageview&_s=1&dl=https%3A%2F%2Fpublic.websteronline.com%2F&ul=en-us&de=UTF-8&dt=Webster%20Bank%20%7C%20Banking%2C%20Lending%2C%20Investments%20%26%20Private%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDACUABB~&cid=862126407.1664707621&tid=UA-119140-7&_gid=716699194.1664707621&gtm=2ou9s0&did=dYmQxMT&gdid=dYmQxMT&z=1875989413

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37205
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957546527/ 42 B
548 B 61ms
26ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957546527/?random=1664707620971&cv=9&fst=1664704800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpublic.websteronline.com%2F&tiba=Webster%20Bank%20%7C%20Banking%2C%20Lending%2C%20Investments%20%26%20Private%20Bank&async=1&fmt=3&is_vtc=1&random=1618792400&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957546527/ 42 B
548 B 96ms
38ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957546527/?random=1664707620971&cv=9&fst=1664704800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpublic.websteronline.com%2F&tiba=Webster%20Bank%20%7C%20Banking%2C%20Lending%2C%20Investments%20%26%20Private%20Bank&async=1&fmt=3&is_vtc=1&random=1618792400&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK update Show response
pixelconnector.adready.com/ 22 B
371 B 321ms
321ms XHR
application/json 104.18.4.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/update?s=flip.js

Requested by

Host: static.websteronline.com
URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js?seed=AEDcPpiDAQAArRz0434oH4lmjP4zWipcNn_ZsxG0XXLEnxonbHpeRpzZdmCZ&liLH9u0HBU--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.4.236 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://public.websteronline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://public.websteronline.com
Connection: keep-alive
CF-RAY: 753cdb88c83b918e-FRA
Content-Length: 22

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2011421&ADFdivider=|&ord=947806812441&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2011421&ADFdivider=|&ord=947806812441&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

1 KB
1 KB

90ms
89ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2011421&ADFdivider=|&ord=947806812441&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

710dbca525bc365dfceb1e8f90e2735f51b366240d3d063a56a843663cfb8644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 795
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2011421&ADFdivider=|&ord=947806812441&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame D47C 1 KB
884 B 90ms
88ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2011421&lid=75390525&ctype=0&media=0&PageName=public.websteronline.com%2f&rnd=1176891521&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2f

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

22e164da170983e72286f75838dff7bc573979ef4a7e720fd536e83df7024972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://public.websteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 10:47:01 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 59F1 5 KB
2 KB 81ms
19ms Document
text/html 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2011421&ADFdivider=|&ord=947806812441&ADFtpmode=2&loc=https%3A%2F%2Fpublic.websteronline.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ba85dcc4501219e3a80e27a741cf537ab352e32f1cb685139b1e7ff17f384856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://public.websteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 10:47:01 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
343 B 564ms
18ms Image
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=8748632250128668555&stamp=fvc57RFPS68DvP-67D9Y4w2

Requested by

Host: public.websteronline.com
URL: https://public.websteronline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 59F1 0
261 B 20ms
19ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 59F1
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=8748632250128668555&Expiration=1665917221
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=8748632250128668555&Expiration=1665917221

43 B
421 B

10ms
10ms

Image
image/gif

18.159.9.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=8748632250128668555&Expiration=1665917221
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Server: 18.159.9.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-9-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Oct 2022 10:47:01 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=8748632250128668555&Expiration=1665917221
date: Sun, 02 Oct 2022 10:47:01 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 59F1 0
522 B 153ms
40ms Image
text/plain 104.103.102.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=8748632250128668555

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.102.147 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-103-102-147.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 10:47:01 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sat, 01 Oct 2022 10:47:01 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 59F1 0
214 B 92ms
9ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 59F1
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8748632250128668555&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8748632250128668555&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=0ad68b4d4d1a49239...
https://c1.adform.net/serving/cookie/match?party=9&uid=c3498e8f5819102f762b2ab489dfc98e8f8d158406e4b9b35f336092ef7204e7

35 B
467 B

20ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=c3498e8f5819102f762b2ab489dfc98e8f8d158406e4b9b35f336092ef7204e7

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=c3498e8f5819102f762b2ab489dfc98e8f8d158406e4b9b35f336092ef7204e7
date: Sun, 02 Oct 2022 10:47:01 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 404
Not Found /
rtb-csync.smartadserver.com/redir/ Frame 59F1 21 B
21 B 173ms
21ms Image
text/plain 185.86.138.145
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=8748632250128668555&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.145 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:01 GMT
content-length: 21
content-type: text/plain; charset=utf-8

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 59F1
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=8748632250128668555&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=8748632250128668555&_origin=1&verify=true

0
120 B

10ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=8748632250128668555&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=8748632250128668555&_origin=1&verify=true
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 59F1 43 B
797 B 392ms
37ms Image
image/gif 2.18.79.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 10:47:02 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1664707621947050-602
Expires: Sun, 02 Oct 2022 10:47:02 GMT

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 59F1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=8748632250128668555
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=8748632250128668555
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2549d405-f98a-4f69-ae20-404f8425a147

0
99 B

246ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2549d405-f98a-4f69-ae20-404f8425a147
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12502

Redirect headers

Location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2549d405-f98a-4f69-ae20-404f8425a147
Date: Sun, 02 Oct 2022 10:47:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 59F1
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8748632250128668555&expiration=1665917221
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8748632250128668555&expiration=1665917221&C=1

43 B
887 B

72ms
57ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8748632250128668555&expiration=1665917221&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoRDGSD%2BrG%2Ffa0sSQPm%2F%2B8%2FHoT3t8UHkkZ2YGt9x%2FFPKUr2F4gAwiZ6LCjBylUTt9n2ET%2BCLhHigvzbGrEr0MMB7c68vU7wfzAZyJzvQ9rYW%2FTObHrZmn2AuF6ggzy7%2BAE2Qzd2ewVJJ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753cdb8c09379bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8AhF5DfLA1S1xz3Ja4H6ng5JF0WMINv2VPIsuJ6riy%2FVunBp6S4m33HPFoett6zgmkFbl69u71D4bhkTUulHUqVKV8JwORagvF%2FHwdCRTiCUUu4JrllprMt5v5gdyZO2oiN0HjXa9maew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=8748632250128668555&expiration=1665917221&C=1
cache-control: no-cache
cf-ray: 753cdb8bb8fe9016-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

647471
se.semasio.net/sync/1/ Frame 59F1
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8748632250128668555&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8748632250128668555&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=8748632250128668555&gdpr=&gdpr_consent=&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
https://se.semasio.net/sync/1/14876172?sExtCookieId=878b6339-6c25-4a00-a86a-2481e9e498b0&sInitiator=internal&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fse.semasio.net%252Fsync%252F1%252F4354957%253FsExtCookieId%253D%2524UID%2526sInitiator%253Dinternal%26gdpr%3D0%26gdpr_consent%3D
https://se.semasio.net/sync/1/4354957?sExtCookieId=513279996183859826&sInitiator=internal&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NkJEQjQwMzgwMENGNUM1RA&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKWF1jhYs-c5fOxABWzgi6k&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEKWF1jhYs-c5fOxABWzgi6k&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
https://se.semasio.net/sync/1/647471?sExtCookieId=7149864793900316817&sInitiator=internal&gdpr=0&gdpr_consent=

0
415 B

27ms
27ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/647471?sExtCookieId=7149864793900316817&sInitiator=internal&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:00 GMT
uip-status: Ok
frontend-id: 06
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location: https://se.semasio.net/sync/1/647471?sExtCookieId=7149864793900316817&sInitiator=internal&gdpr=0&gdpr_consent=
Date: Sun, 02 Oct 2022 10:47:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 59F1 0
344 B 45ms
7ms Image
text/plain 3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8748632250128668555&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 59F1
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8748632250128668555
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8748632250128668555&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
328 B

266ms
17ms

Image
image/gif

2a02:6ea0:cb00::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Server: 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-77-nzt: Abm0DAZX/kL/t28JAA
x-accel-expires: @1665125999
date: Sun, 02 Oct 2022 10:47:02 GMT
x-77-pop: viennaAT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: ep8u0XoJan0
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-77-cache: HIT
x-age: 618423
accept-ranges: bytes
content-length: 43

Redirect headers

date: Sun, 02 Oct 2022 10:47:01 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 59F1 0
42 B 33ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8748632250128668555/gdpr=/ Frame 59F1
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8748632250128668555/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8748632250128668555/gdpr=/gdpr_consent=

49 B
278 B

30ms
30ms

Image
image/gif

34.247.1.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8748632250128668555/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Server: 34.247.1.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-1-169.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.7.28
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8748632250128668555/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.45.11.48
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 59F1 62 B
227 B 332ms
185ms Image
image/gif 104.96.159.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.159.57 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-159-57.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 02 Oct 2022 10:47:02 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 59F1 43 B
273 B 88ms
24ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 59F1
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

133ms
45ms

Image
image/gif

52.218.122.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Server: 52.218.122.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:03 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: QR2SE4V2CDK1MNH0
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 8Cpkm7x09BRgGlUn7gLFB/zs1AmUknxJf/1mfXBWNHgJ4AAYyPib+2/Q3ClHUahEr5ITkRcwqNs=

Redirect headers

X-Error-Reason: Missing UserId
Date: Sun, 02 Oct 2022 10:47:01 GMT
Server: akka-http/10.2.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 59F1
Redirect Chain

https://pixel.onaudience.com/?mapped=8748632250128668555&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9f5feb0f4a6fb973/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ed60bd09feea7ac1ecf0b728831f6510&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
265 B

135ms
35ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 59F1
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8748632250128668555
https://tags.adsafety.net/v1/cm?cm_uid=CM120221002101fd64fe4f6ce9ce0244&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=ceed9a3b4a14ad1e90b23bd6a63afc5a
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120221002101fd64fe4f6ce9ce0244&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=ceed9a3b4a14ad1e90b23bd6a63afc5a&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjEwMDIxMDFmZDY0ZmU0ZjZjZTljZTAyNDQ
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEM1U-NUwEFrA6BT16OXiR3A&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120221002101fd64fe4f6ce9ce0244
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8748632250128668555

43 B
2 KB

17ms
16ms

Image
image/gif

139.162.172.91
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Server: 139.162.172.91 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1489-91.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 10:47:02 GMT
Last-Modified: Sun, 02 Oct 2022 10:47:02 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8748632250128668555
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 59F1 0
338 B 145ms
30ms Image
text/plain 52.48.197.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.197.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-197-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1664707622
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 59F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODc0ODYzMjI1MDEyODY2ODU1NQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBp0f9ypYIfCfyKdpCjQzWw&google_cver=1&google_ula=1641347,0

35 B
467 B

20ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBp0f9ypYIfCfyKdpCjQzWw&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBp0f9ypYIfCfyKdpCjQzWw&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 59F1
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=3361407334220842506&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=8748632250128668555

43 B
1009 B

11ms
10ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=8748632250128668555

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 10:47:02 GMT
AN-X-Request-Uuid: ec171f07-5971-436a-b8b5-75f0ec79b790
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.138; 178.162.209.138; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=8748632250128668555
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 59F1 0
261 B 22ms
18ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 59F1 0
225 B 125ms
13ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 10:47:01 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 59F1 43 B
444 B 110ms
13ms Image
image/gif 52.222.214.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-97.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 12:35:13 GMT
Via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: FRA56-P3
Age: 79909
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: lMXMkF4xhMccoOmgHeseCvg9cwf8BFLWv4BszFQFCqUlwtVdSPOByQ==

GET
H/1.1

200

p
a.audrte.com/ Frame 59F1
Redirect Chain

https://a.audrte.com/a?adform_uid=8748632250128668555
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEB4LqaWfpWm3f7s9x35F8H0&google_cver=1
https://a.audrte.com/p

68 B
424 B

100ms
99ms

Image
image/png

44.197.9.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.1
Server: 44.197.9.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-9-232.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:02 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 02 Oct 2022 10:47:02 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 59F1
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8748632250128668555&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=8748632250128668555&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=00000040133658086954499578533430860806&noredirect=1

35 B
467 B

19ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=00000040133658086954499578533430860806&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v044-022c8a2e6.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: gYQW2vt7S7U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=00000040133658086954499578533430860806&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 59F1
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8748632250128668555
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217093104292001267621

35 B
476 B

32ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217093104292001267621

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217093104292001267621
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 59F1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7149864793900316817

35 B
467 B

32ms
18ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7149864793900316817

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7149864793900316817
Date: Sun, 02 Oct 2022 10:47:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 59F1 62 B
427 B 202ms
200ms Image
image/gif 104.96.159.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.159.57 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-159-57.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 02 Oct 2022 10:47:02 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 59F1
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=878b6339-6c25-4a00-a86a-2481e9e498b0

35 B
468 B

20ms
20ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=878b6339-6c25-4a00-a86a-2481e9e498b0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Sun, 02 Oct 2022 10:47:02 GMT
Server: MT3 4525 e1952b7 master zrh-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=878b6339-6c25-4a00-a86a-2481e9e498b0
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sun, 02 Oct 2022 10:47:01 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 59F1
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=XIX3KoPP1OEWuW5

35 B
467 B

19ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=XIX3KoPP1OEWuW5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 10:47:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=XIX3KoPP1OEWuW5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 59F1 70 B
264 B 47ms
36ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 59F1 0
72 B 659ms
137ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 59F1 43 B
1 KB 69ms
18ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=8748632250128668555

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 02 Oct 2022 10:47:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 59F1
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=495247169
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=PlVJmTzURs5dGNFS6yTmnu

35 B
467 B

19ms
18ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=PlVJmTzURs5dGNFS6yTmnu

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
via: 1.1 google
last-modified: Sun, 02 Oct 2022 10:47:02 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=PlVJmTzURs5dGNFS6yTmnu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 59F1 23 B
172 B 202ms
72ms Image
image/gif 2.18.69.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-48.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Sun, 02 Oct 2022 10:47:02 GMT
pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 59F1
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8748632250128668555
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8748632250128668555&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8748632250128668555&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8748632250128668555&cs=1
date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 59F1 0
241 B 44ms
8ms Image
text/plain 2600:9000:223f:5a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: no-cache, must-revalidate
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ES-4oyZgc0xmHQ5m3v-mVqWWT6Ep1A1EBdew8WG2kJlnKT_6YT6rmQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 59F1
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=8748632250128668555&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=8748632250128668555&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=ca2842f3-6207-41ad-bca1-9534acb4b12f

35 B
468 B

19ms
19ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=ca2842f3-6207-41ad-bca1-9534acb4b12f

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=ca2842f3-6207-41ad-bca1-9534acb4b12f
date: Sun, 02 Oct 2022 10:47:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 8748632250128668555
match.contentexchange.me/adform/ Frame 59F1 0
49 B 212ms
25ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/8748632250128668555?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:02 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 59F1 37 B
140 B 59ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=8748632250128668555&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame 59F1 0
55 B 66ms
8ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=8748632250128668555
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:02 GMT
content-length: 0
content-type: text/html

GET
H2 200 plf
c1.adform.net/imatch/ Frame 59F1 0
261 B 21ms
19ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8748632250128668555&agencyId=6276&advertiserId=2065158&src=tp&rnd=233396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:47:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame D47C 1 KB
2 KB 200ms
38ms Script
text/javascript 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1468283&mt_adid=206701&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2011421&lid=75390525&ctype=0&media=0&PageName=public.websteronline.com%2f&rnd=1176891521&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4525 e1952b7 master zrh-pixel-x4 config:1.0.0 /
Resource Hash: febf85b4692197170c5346c98133d717782110bf21d85116bddbf09efa148be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Server: MT3 4525 e1952b7 master zrh-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1493
Expires: Sun, 02 Oct 2022 10:47:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame D47C 1 KB
2 KB 207ms
45ms Script
text/javascript 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1483032&mt_adid=206701&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2011421&lid=75390525&ctype=0&media=0&PageName=public.websteronline.com%2f&rnd=1176891521&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4525 e1952b7 master cdg-pixel-x14 config:1.0.0 /
Resource Hash: f97870d03dd65b696454d4ce17c54189ef95cd3c6f9db52e01d7b6f9ad8e4b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Server: MT3 4525 e1952b7 master cdg-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1493
Expires: Sun, 02 Oct 2022 10:47:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 90B8 713 B
1 KB 47ms
47ms Document
text/html 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=d4cc6339-6c25-4f00-8366-62173813d0a5&no_iframe=1&mt_adid=206701&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1468283&mt_adid=206701&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4525 e1952b7 master zrh-pixel-x12 config:1.0.0 /
Resource Hash: 8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 713
Content-Type: text/html
Date: Sun, 02 Oct 2022 10:47:01 GMT
Expires: Sun, 02 Oct 2022 10:47:00 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4525 e1952b7 master zrh-pixel-x12 config:1.0.0

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame D47C 0
480 B 44ms
41ms Image
image/gif 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2011421&lid=75390525&ctype=0&media=0&PageName=public.websteronline.com%2f&rnd=1176891521&cpref=&loc=https%3a%2f%2fpublic.websteronline.com%2f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4525 e1952b7 master zrh-pixel-x9 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Server: MT3 4525 e1952b7 master zrh-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sun, 02 Oct 2022 10:47:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 90B8 0
481 B 32ms
32ms Image
image/gif 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=d4cc6339-6c25-4f00-8366-62173813d0a5&no_iframe=1&mt_adid=206701&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4525 e1952b7 master zrh-pixel-x29 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=d4cc6339-6c25-4f00-8366-62173813d0a5&no_iframe=1&mt_adid=206701&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:01 GMT
Server: MT3 4525 e1952b7 master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sun, 02 Oct 2022 10:47:00 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 36ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: public.websteronline.com
URL: https://public.websteronline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
via: 1.1 varnish
date: Sun, 02 Oct 2022 10:47:02 GMT
x-amz-request-id: KBVH2PMAKMG74HWE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c40g0/PEOypibNZhpK4f4SlPZCSnAXuxKGtJ+LI/kKMS0hiuLcfL6ykVCP/ylzTky574I1FuVPM=
x-served-by: cache-fra19121-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1664707623.972770,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7278

GET
H/1.1 200
OK MultiNoun.jsonp Show response
d.la1-c2-ord.salesforceliveagent.com/chat/rest/System/ 226 B
591 B 1472ms
110ms Script
text/javascript 13.108.249.7
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c2-ord.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573i00000006sKa]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572i00000006p7P&org_id=00Di0000000byqI&version=40

Requested by

Host: c.la1-c1cs-ord.salesforceliveagent.com
URL: https://c.la1-c1cs-ord.salesforceliveagent.com/content/g/js/40.0/deployment.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.249.7 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ord.la1-c2-ord.salesforceliveagent.com

Software

Resource Hash

319347f8bc41d3e2589a3b89200ec73b09bff1a54d45ae9773fef9293e8c9591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK 8dc87c18d9 Show response
bam.nr-data.net/1/ 49 B
616 B 320ms
288ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8dc87c18d9?a=597086679&v=1216.487a282&to=M1QAYBMHCkADVEcPCwoeI1cVDwtdTUdSAQE7UgNXCQM%3D&rst=7933&ck=1&ref=https://public.websteronline.com/&ap=74&be=2863&fe=7891&dc=5342&perf=%7B%22timing%22:%7B%22of%22:1664707615049,%22n%22:0,%22f%22:1038,%22dn%22:1040,%22dne%22:1281,%22c%22:1281,%22s%22:1375,%22ce%22:1472,%22rq%22:1472,%22rp%22:1661,%22rpe%22:1662,%22dl%22:1706,%22di%22:5342,%22ds%22:5342,%22de%22:5415,%22dc%22:7891,%22l%22:7891,%22le%22:7898%7D,%22navigation%22:%7B%7D%7D&fp=3279&fcp=3279&at=HxMDFlsdGU4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 10:47:03 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 753cdb93d8509244-FRA

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 53ms
52ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-119140-7&cv=1&v=3&t=t&pid=920680433&rv=9s0&es=1&e=gtm.load&eid=14&u=CAAAAAAAAAAAAAAC&ut=AAC&tc=1&epr=2UA&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 10:47:03 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/ 2 KB
1 KB 1286ms
100ms Script
text/javascript 13.110.46.224

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?sid=762ad908-284e-4dd8-93c6-cf734de7ec11&Settings.prefix=Visitor&Settings.buttonIds=[573i00000006sKa]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572i00000006p7P&org_id=00Di0000000byqI&version=40

Requested by

Host: c.la1-c1cs-ord.salesforceliveagent.com
URL: https://c.la1-c1cs-ord.salesforceliveagent.com/content/g/js/40.0/deployment.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.46.224 -, , ASN (),

Reverse DNS

Software

Resource Hash

31afa3b333ae3f7e03da2eba1187fa7bdc1f74b0194c66e7e9d68f469115f4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.websteronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

Verdicts & Comments Add Verdict or Comment

427 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

105 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.websteronline.com/	1969-12-31 23:59:59	Name: NSC_JOdcibiich15sktckjvoudeuh21ytbt Value: ffffffff09331a6545525d5f4f58455e445a4a422970
.websteronline.com/	1970-01-20 15:11:04	Name: WzPyZ2hU Value: A0ZiTpiDAQAA0Fx6888TVdo4cnHqLXrAsE-Otw6OEDo0C-8paz2DcqisMnF9AbKi0YqucjsbwH8AAEB3AAAAAA\|1\|0\|b55b2717c507742781c5b2e8990481b16dd3bdf0
static.websteronline.com/	1969-12-31 23:59:59	Name: NSC_tibqf_ttm_0_wjq_tubujd Value: ffffffff20fcd0e645525d5f4f58455e445a4a42378b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: StgWzkoZAeE
.youtube.com/	1970-01-20 10:44:19	Name: VISITOR_INFO1_LIVE Value: qPyT5VvD8L4
.public.websteronline.com/	1970-01-20 16:01:07	Name: consdepapptestgroup Value: Control
.websteronline.com/	1970-01-20 15:10:43	Name: utag_main Value: v_id:0183984e67a40008fec5aa26fd2603073002106b00b08$_sn:1$_se:1$_ss:1$_st:1664709418725$ses_id:1664707618725%3Bexp-session$_pn:1%3Bexp-session
.websteronline.com/	1970-01-20 07:51:31	Name: campaign_utm Value: undefined
.bing.com/	1970-01-20 15:46:43	Name: MUID Value: 1F03F758A125687723E9E569A04E699B
.websteronline.com/	1970-01-20 06:26:34	Name: _uetsid Value: 8b61c970423f11ed884ba90ecbff74ef
.websteronline.com/	1970-01-20 15:46:43	Name: _uetvid Value: 8b61ea10423f11ed9adc415c984c0f68
.websteronline.com/	1970-01-20 08:34:43	Name: _fbp Value: fb.1.1664707620733.432544136
.websteronline.com/	1970-01-20 08:34:43	Name: _gcl_au Value: 1.1.1759383382.1664707621
.public.websteronline.com/	1969-12-31 23:59:59	Name: cmTPSet Value: Y
.public.websteronline.com/	1970-01-20 16:01:07	Name: CoreID6 Value: 37055009002116647076208&ci=54290000\|public.websteronline.com
.websteronline.com/	1970-01-20 16:01:07	Name: _ga_79CFNBLNHH Value: GS1.1.1664707621.1.0.1664707621.0.0.0
.websteronline.com/	1970-01-20 16:01:07	Name: _ga Value: GA1.2.862126407.1664707621
.websteronline.com/	1970-01-20 06:26:34	Name: _gid Value: GA1.2.716699194.1664707621
.doubleclick.net/	1970-01-20 15:46:43	Name: IDE Value: AHWqTUk0j7YZMVvoJpkMl990-R8B8bejRC2uksFrhw_a2O3QHvY7KaXNFdT1QzLY
.public.websteronline.com/	1969-12-31 23:59:59	Name: 54290000_clogin Value: v=1&l=98216791664707620870&e=1664709421307
.adform.net/	1970-01-20 07:09:49	Name: C Value: 1
.adform.net/	1970-01-20 07:51:06	Name: uid Value: 8748632250128668555
.adform.net/	1970-01-20 06:26:34	Name: CM Value: 1\|1
.adform.net/	1970-01-20 06:45:17	Name: CM14 Value: 1664794021_1664707621_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.adscale.de/	1970-01-20 15:07:23	Name: uu Value: 0ad68b4d4d1a49239f4f39b8d715c00f
.adscale.de/	1970-01-20 15:07:23	Name: cct Value: 1664707621716
.ih.adscale.de/	1970-01-20 15:07:23	Name: tu Value: 4#784022972#42~8748632250128668555~462418~0~0
.casalemedia.com/	1970-01-20 15:10:43	Name: CMID Value: YzlsJReXQ.K4J0.vqYyn9QAA
.casalemedia.com/	1970-01-20 08:34:43	Name: CMPS Value: 1145
.casalemedia.com/	1970-01-20 08:34:43	Name: CMPRO Value: 1145
.360yield.com/	1970-01-20 08:34:43	Name: tuuid Value: c6c5d0ad-a628-42f6-b1be-30d89fc5a3fd
.360yield.com/	1970-01-20 08:34:43	Name: tuuid_lu Value: 1664707621
.360yield.com/	1970-01-20 08:34:43	Name: um Value: !42,trevlZAhrANJul2cEx6QgaUVo2nbQE6Hd77wnBCAHcu3,1665917221
.360yield.com/	1970-01-20 08:34:43	Name: umeh Value: !42,0,1726915621,-1
.eyeota.net/	1970-01-20 06:25:08	Name: SERVERID Value: 16765~DM
.yieldlab.net/	1970-01-20 15:10:43	Name: id Value: 9a232478-03fe-4e2c-bae0-fbbd266ed422
.casalemedia.com/	1970-01-20 08:34:43	Name: CMTS Value: 5152
.bidswitch.net/	1970-01-20 15:10:43	Name: tuuid Value: 2549d405-f98a-4f69-ae20-404f8425a147
.bidswitch.net/	1970-01-20 15:10:43	Name: c Value: 1664707621
.bidswitch.net/	1970-01-20 15:10:43	Name: tuuid_lu Value: 1664707621
.mathtag.com/	1970-01-20 15:51:02	Name: uuid Value: 878b6339-6c25-4a00-a86a-2481e9e498b0
.semasio.net/	1970-01-20 15:10:43	Name: SEUNCY Value: 6BDB403800CF5C5D
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.mathtag.com/	1970-01-20 07:08:19	Name: mt_misc Value: mt_bt:1
.onaudience.com/	1970-01-20 15:10:43	Name: cookie Value: 9f5feb0f4a6fb973
.onaudience.com/	1970-01-20 06:26:34	Name: done_redirects104 Value: 1
cm.adsafety.net/	1970-01-20 15:10:43	Name: UID Value: CM120221002101fd64fe4f6ce9ce0244
.adsafety.net/	1970-01-20 15:10:43	Name: cm_uid Value: CM120221002101fd64fe4f6ce9ce0244
.onaudience.com/	1970-01-20 06:26:34	Name: done_redirects161 Value: 1
tags.adsafety.net/	1970-01-20 15:10:43	Name: UID Value: ceed9a3b4a14ad1e90b23bd6a63afc5a
tags.adsafety.net/	1970-01-20 15:10:43	Name: DID Value: ceed9a3b4a14ad1e90b23bd6a63afc5a
tags.adsafety.net/	1970-01-20 15:10:43	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 15:10:43	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 07:08:19	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 15:10:43	Name: ct_uid Value: ceed9a3b4a14ad1e90b23bd6a63afc5a
.adsafety.net/	1970-01-20 15:10:43	Name: ct_did Value: ceed9a3b4a14ad1e90b23bd6a63afc5a
.adsafety.net/	1970-01-20 15:10:43	Name: ct_idt Value: 100
cm.adsafety.net/	1970-01-20 15:10:43	Name: permanent Value: 1
.ads.stickyadstv.com/	1970-01-20 07:51:31	Name: uid-bp-617 Value: 8748632250128668555
.ads.stickyadstv.com/	1970-01-20 07:08:19	Name: UID Value: d8c85b2644e5baf2de67bd13cd582eb
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 6438856f7ee1f55a3604c5d8c7dcd93
.yahoo.com/	1970-01-20 15:11:05	Name: A3 Value: d=AQABBCZsOWMCEMlpgm46fm2fgy7adwA5c3cFEgEBAQG9OmNDYwAAAAAA_eMAAA&S=AQAAAskrik8tjZ51BbR7yD9Pie8
.analytics.yahoo.com/	1970-01-20 15:10:43	Name: IDSYNC Value: 1760~27hm
.krxd.net/	1970-01-20 10:44:19	Name: _kuid_ Value: PHRuK1Ui
ads.smartstream.tv/	1970-01-20 15:10:43	Name: DID Value: ceed9a3b4a14ad1e90b23bd6a63afc5a
ads.smartstream.tv/	1970-01-20 15:10:43	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 15:10:43	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 07:08:19	Name: cm_uid Value: CM120221002101fd64fe4f6ce9ce0244
.seadform.net/	1970-01-20 07:51:35	Name: uid Value: 8748632250128668555
www.websteronline.com/	1970-01-20 06:25:07	Name: ADRUM_BTa Value: "R:33\|g:ad6c850a-7e83-40a7-a551-dea7687f6257\|n:websterbank-prod_c9374e8c-410c-4c95-b2e2-c260007ca479"
www.websteronline.com/	1970-01-20 06:25:07	Name: SameSite Value: None
www.websteronline.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1AXUsJPzH6kA5LegCQN1uk0o
.websteronline.com/	1969-12-31 23:59:59	Name: WOTCB Value: 00e7a687-edfe-4b94-a45c-71f5fe8bcf26
.websteronline.com/	1969-12-31 23:59:59	Name: WOTCS Value: 30247869-e073-4201-b9ef-bc984ad3665b
www.websteronline.com/	1970-01-20 06:25:07	Name: ADRUM_BT1 Value: "R:33\|i:834353\|e:4\|d:5"
.adnxs.com/	1970-01-20 08:34:43	Name: uuid2 Value: 513279996183859826
.onaudience.com/	1970-01-20 06:26:34	Name: done_redirects147 Value: 1
.adnxs.com/	1970-01-20 08:34:43	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E>6dx/I1!]tbPl1M66+q([OUez4WQ4vE(ShhZtXtp'xVB'[B[TKj^>Q9y+3If)y3KL9D3I?+WPd71y
cm.adsafety.net/	1970-01-20 15:10:43	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNnkxODRISWloVFlkdmtsMXRaMTVnQ2tUbVZYMTJ5MTNadFRNejlVZ3laMEhvSm0zbFlCcHM4NjZneDlNUUVVYWQxT1IvUmcyM3Y4WW9uMmtjSE5rSlVUWVc1MzF3NjZXMUpFazFWVDFVNzBKTkJZc3dGWDVHcDBtNUdycXNXbkFpZDdkRnRMSnE4ZnZqR3RGa3NVZUU5eWx1eU12Q2RaMzE1bnUzRDN6SjF4KzMyZXBzNVRvLzJBeGpmNVIvY05CVmZYR2tnVmZJYVFGTkpmYVJBMUVHUTdEd3orZWpwOS84bFBkSXV6b2s4eTlsQkZBYzExLzFpOWhQM0U2U24rV3dQT21sQlFPWkh2NHpBYmdQVDlyN1hpajU2MTRMcVVtdENRdjBCY0xsdklKZ1NBSEs5c2lUVWFCVGoyaU53UEpkY3czbGZNNGhNVnNMR0FnWXU3TXpiVm9mYzNmMzd4WnhMVFdSMzluYnpWQXFBOWFURUplZ0RJejNncThqUy9jcCtnZjd1dTc4NkcrZnpDTWhzV1RRSkwwRW1GZjFYaWVaNXV1YUlaOVB1ZUVuWHQ3bTY1K2x1VmpWYzNGQUYrdVlMdUdKdTh3Yyt3aW9wbDVhMG9Dc01FTmF5MlljOWtuYlhVdWVtdEs0S3AvVm1xVG1vRkQ1RXhxVlc3dThDelZoeEg0VzdJY2JzTTBpcjNsaVVocDZDODdGWDNSbFRWTG1SRi96YlZMcS81UjdBZmh4Y1JuL05SQ2dFN2JDamMvRWF2NllrZ0VaTVNOM1QraXMyZUd0TkMvakZRZEtmdXF2L2RxQkxFNlUwdkYxTkJ4aFdBYTZ1UTJsMjlEckdsaXBWY1FRYVowQVVsbXBOd0JrTUtkWUN1aTlTbVpoSjhoMEswV1A1eURJWVQzbEF2a1NZV0VnTWRleW0vcmtYS2hvOVBKNW5Yc2ZpdnJUcXhicTJyODI0ZUp0bWQzUmdDdndjNEkvNnBsL0hqY0ttdlVKTDJQWkYxdkFidlBRT21MZVdicFR2VXNBSjduMVczb2hmVGZ5SUhmTUJtQXZyaUFhRHFSbXZUcEt3VjRQek5vTkhhcnFFZnhkN3RkS1F3RXc9PQ%3D%3D
.adfarm1.adition.com/	1970-01-20 08:34:43	Name: UserID1 Value: 7149864793900316817
.agkn.com/	1970-01-20 15:10:43	Name: ab Value: 0001%3AtajiESQuH71hQJ1To7M%2ByoJX2VTV9%2FAY
.w55c.net/	1970-01-20 15:55:22	Name: wfivefivec Value: XIX3KoPP1OEWuW5
.w55c.net/	1970-01-20 07:08:19	Name: matchadform Value: 5
.id5-sync.com/	1970-01-20 06:25:07	Name: cf Value:
.id5-sync.com/	1970-01-20 06:25:07	Name: cip Value:
.id5-sync.com/	1970-01-20 06:25:07	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:25:07	Name: car Value:
.id5-sync.com/	1970-01-20 06:25:07	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:25:07	Name: callback Value:
.weborama.fr/	1970-01-20 15:51:02	Name: AFFICHE_W Value: aPovL@2ijMJo41
.demdex.net/	1970-01-20 10:44:19	Name: demdex Value: 00000040133658086954499578533430860806
.dpm.demdex.net/	1970-01-20 10:44:19	Name: dpm Value: 00000040133658086954499578533430860806
.tapad.com/	1970-01-20 07:51:31	Name: TapAd_TS Value: 1664707622421
.tapad.com/	1970-01-20 07:51:31	Name: TapAd_DID Value: ca2842f3-6207-41ad-bca1-9534acb4b12f
.tapad.com/	1970-01-20 07:51:31	Name: TapAd_3WAY_SYNCS Value:
.1dmp.io/	1970-01-20 15:10:43	Name: uid Value: 8c6d7570-423f-11ed-8677-901b0e934d81
.audrte.com/	1970-01-20 06:46:43	Name: arcki2 Value: 8gibibusqJVQPmqC856mKD7vQ!20220908!1664707622503
.audrte.com/	1970-01-20 06:46:43	Name: arcki2_adform Value: 8748632250128668555!20220908!1664707622505
.audrte.com/	1970-01-20 06:46:43	Name: arcki2_ddp Value: CAESEB4LqaWfpWm3f7s9x35F8H0!20220908!1664707622722
.audrte.com/	1970-01-20 06:35:12	Name: arcki2_TTT Value: 1664707622723!8gibibusqJVQPmqC856mKD7vQ!1466#1598#1123#190#799#312#322#310#812#737#842#1554#1464#1686#918#1018#1817#-1#1573#331#1298#1103#1455#1663#-1#1787#146#271#262#426#1233#1230#934#1823#-1#1010#542#1751#963#505#-1#15#-1#546#532#449#545#1758#-1#368#464#1697#757#256#1658#1090#626#1473#1682#90#1702#107#510#1073#1717#1513#1487#259#8#1005#364#1585#689#933#1056#1293#306#1264#1244#294
public.websteronline.com/	1970-01-20 15:10:43	Name: liveagent_oref Value:
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: f72a4f9aeac50ef7
public.websteronline.com/	1969-12-31 23:59:59	Name: liveagent_sid Value: 762ad908-284e-4dd8-93c6-cf734de7ec11
public.websteronline.com/	1970-01-20 15:10:43	Name: liveagent_vc Value: 2
public.websteronline.com/	1970-01-20 15:10:43	Name: liveagent_ptid Value: 762ad908-284e-4dd8-93c6-cf734de7ec11

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://di.rlcdn.com/468366.html?pdata=page_id%3DHOME Message: Failed to load resource: the server responded with a status of 451 ()
rendering	warning	URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js?seed=AEDcPpiDAQAArRz0434oH4lmjP4zWipcNn_ZsxG0XXLEnxonbHpeRpzZdmCZ&liLH9u0HBU--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://static.websteronline.com/wolstatic/js/vendor/common2.js?seed=AEDcPpiDAQAArRz0434oH4lmjP4zWipcNn_ZsxG0XXLEnxonbHpeRpzZdmCZ&liLH9u0HBU--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8748632250128668555 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=8748632250128668555&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'unsafe-inline' 'unsafe-eval' 'self' data: https:; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5724674.fls.doubleclick.net
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
api.adrtx.net
bam.nr-data.net
bat.bing.com
beacon.krxd.net
c.la1-c1cs-ord.salesforceliveagent.com
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
d.la1-c2-ord.salesforceliveagent.com
d.la4-c2-ia5.salesforceliveagent.com
data.coremetrics.com
di.rlcdn.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js-agent.newrelic.com
libs.coremetrics.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
p.typekit.net
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pixelconnector.adready.com
pm.w55c.net
ps.eyeota.net
public.websteronline.com
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
static.websteronline.com
sync-t1.taboola.com
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
tags.tiqcdn.com
tmscdn.coremetrics.com
token.rubiconproject.com
tracker.adreadyclick.com
uipglob.semasio.net
ups.analytics.yahoo.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.websterbank.com
www.websteronline.com
www.youtube.com
x.bidswitch.net
104.103.102.147
104.103.105.16
104.18.18.126
104.18.4.236
104.96.159.57
12.227.185.50
12.227.185.68
12.227.185.69
13.108.248.6
13.108.249.7
13.110.46.224
13.248.245.213
139.162.141.41
139.162.172.91
141.226.228.48
141.94.171.213
142.250.180.194
142.251.39.2
142.251.39.70
151.101.130.137
162.19.138.117
162.247.241.14
18.159.9.120
18.198.126.47
184.51.9.44
185.167.164.49
185.64.189.110
185.86.138.145
193.135.9.126
2.18.69.48
2.18.79.136
2001:4860:4802:34::36
216.46.185.182
2600:9000:223f:5a00:1b:5138:8a40:93a1
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2008
2a02:26f0:11a::6867:4841
2a02:26f0:11a::6867:4848
2a02:6ea0:cb00::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::c
3.120.214.218
3.121.59.219
3.123.174.3
3.126.56.137
3.218.70.254
3.71.169.66
3.75.14.26
3.86.136.12
34.247.1.169
34.248.125.130
35.190.24.218
35.227.248.159
35.244.159.8
35.244.174.68
37.157.2.239
37.157.2.247
37.157.4.29
37.252.172.249
44.197.9.232
46.19.11.36
52.218.122.40
52.222.214.97
52.223.40.198
52.29.233.77
52.48.197.119
54.228.8.136
69.173.144.139
77.243.60.138
78.46.100.125
85.114.159.93
92.123.36.220
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
03633ac594fc0b60d1b08a30ad854cb9187029a4cf6f19ec2b495379ce1758b2
03bdda2b417d8cff1b2c8293c02685fd1670ca563e5514d74bffc8cd5a108e04
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
083d99083eadbee042030cf8b82b1eaff6a874255778d1a3e2de9699145f3ea4
08e6f881f57526c9082a4926dc60d6802efd99e7d2c15414183a33206b6e5c7b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0dc34c40ab9306e51a525d3d6e4f3a3211d2c196b69cf902db18d1d826f1bd48
15b816919c60c84d559056028cab35d79fb159868c266906a8ddbed6474257d7
192ca80b2e302c493bcd16c17c17fe82166609c2f2587ed6e9db3798636db5c0
193ff2841cfb913913f1eb4738e9b97d662a810f0b17202c0153b549e90f6a67
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496
1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3
22e164da170983e72286f75838dff7bc573979ef4a7e720fd536e83df7024972
244ab27d5c470e357844e3d5e6c6538cbce399e208aa95ad1b7ee6a59ed31b91
2591fd111282640eadb9d5c774538f2b954ef7bac402ca16ed924524c70f9054
26397bfd8b42061dd946d0b7466e0e34a727cf96a549026d0d050b60f1bce4e3
2a5a3a78bd2c2f874e73449606461a148db22e678f3e39764eb8147722e1da2b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
319347f8bc41d3e2589a3b89200ec73b09bff1a54d45ae9773fef9293e8c9591
31afa3b333ae3f7e03da2eba1187fa7bdc1f74b0194c66e7e9d68f469115f4f0
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35de833a1ccd38081bb51ca4c1424148f8ba09933b78401b959f8567274078c8
37b0b955d1f0071245128ed807bcb37c5f2e39fc7983d4c189e21ea26d93e7a6
3c00731125693c731167f9305035f5a33e19c76f3dd4a4d50fca8fadb5812577
42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3
44cf0c7aebe493ef98b42bd6f0af1892712b28fc0d3395b85817c78ebbe196f6
478d1cd080ad8a570bb3950719f296d39c07e52a3b867cdd0f822ab9236fc33d
4888a2ce4df7aa69c4f4229934c0e11f1b13e7239048949c35070b26a8bee117
49d4ee2a8f3a1485de5d4907086d33322eea9412401a0416c19603cf9456a83e
4b298a3fa127e33d3dd0e7480702da7dbfc0f0aeb653f3dc7ef5baae1b21426b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57ce46084c4c06e56db539cc29126d3f06501c22b64a3481120e08de9b24fec0
5a1eb8e4013c14c39bbf864db74557aaf52f22451957a251ccf7780a3e8b13dc
5ba0a3350bf38301f691dc3ba4a70dbb243e0aded2594ce513ab8043eee0c98c
5e0764e229eb18802eed3923527b691f10cd1ac9e0c84cfee96ee54bb094b853
5f950181e9adfff08683e887a79a2fd78d107c38745344ef1d1e04ae87864078
673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ceff9bae085d2dacab8d16c406bf4bbe3e8ce1f02b91954a82563e9b751fb6f
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
6fa7f4d5789e8b7a7745731cb0611becb628ff8fb690239f0d0aa5e6697eb07a
710dbca525bc365dfceb1e8f90e2735f51b366240d3d063a56a843663cfb8644
73ca6b2418efd8501e04cec2823bf68e9f1722767a5a439443af543f59b618e9
7f10b60a29ff558ff7052f1b93569d36cb1fff71b3ee347fafdf1e2d6f8960b8
7fd476cb8e49274de87d6712c360ca87f2be697d3f04746fd7a0afd9ae8c84b4
7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
80eb5bb22c350b6e7d6b0d133860eb4ed3cb91a3b8cd301ac00f2aecef47c903
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839b6256db7eb4ee47f9f0912ec869b50a619e853431d4b6e65abfd9154b852a
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
89b409b82a82e4159afd9a7d4240426f723e28ea599002c9b7ab7f82f7122c6e
8c5274aec9c4a656a085eda895e156d03470903630f25ba353abb0914fa2061c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918f37e0a3d838b34a1003f2dc3de23752d6042b376f0e5c817f35bcbaaa10b0
9a15538dd74db0130d015bc98cc75a0b6892c1a14ac9baa3027a1f79a8d86054
9bd20ff362a87f1b42989e3a1b21e2197f8ebe51e7df4406f8b15d580b0ab50a
9c6977d24e8c6c18c26cb9ab610f3c57ef9a1c7e9a3c4afadd3b73afada620a4
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f097b3f97e5b5bdd409eaacf86a583fb5afea65048c7c583e794ef70143ca35
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2c3e2ecfe9623ad36c8f2de9769e281dd6b81956b5767811dde9f0a5bf719f2
a5ab8c088c62497197af8ad29a8c592a9e1c367c18e4bf2a52f099cffe3b69ef
a5df935736aca95e4dd806155e810f075c0dc8c2ee84e5f14ce77a4bb3f1ea53
a88f254646cba38a992ddedecc91b44a195dbd684ec248be68262711c98e8673
ad3e96cb4461ada912c601d7163ea04a2ce8b5021c82d77a1eb1c8c13f81c29d
b0f142e8f3015a755a51e3f3511ffb0faa1b6c2dd82b15769c5405541c2d9453
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d66cbb6aedd432591d189cd4bab78979b29c4f7f623580e78f7df6377b9bc9
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
ba85dcc4501219e3a80e27a741cf537ab352e32f1cb685139b1e7ff17f384856
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd2bc77a246628e8dc27f6a85a6e461603e516e55d09c0cd7135da7c5d9a8d32
c642c7ca52f6c1109ae4f95cc996868b27c2aa5d230bb2fae8b73969093eac17
ca0da371fc79d5f1483ec0553883cc918449e30d73318832b5454bbe57d0be30
cb25d90d09a4de0c2216b8f51ba557483481c64c909abe791fc58d69a3d5c8f4
cf18577fc2a0d7bc0fa771e517ecd6a876933f6f184b94140627b3f7e8ea9b30
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2f65b5b23c8346bf2a6a561789dd547803405f7291e517798c2f048dd0e7318
da3902c6f50673bc0161376b5c4c2871d51f72eeaf43d800cdd89865dd00f6ba
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb9c86b7030bea52fb8beafcc9efc078c1a8384b00034b39b2519a943215932
df95333b7ee62228a6066816556103d8f785497bb030e8c0c72170bb815c2e87
e2d67cfe851ac40b0ff20ccf8e923e97ff3413754725b80fd7ff0d677a45f352
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d09fc0364013f1df6ceef76b4c1981fc345faefa2090aef85765c2db44b925
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3aa698421d8695e0939a7563f724929382a02482af32d929feb740db8ced6d6
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f52801793c88535dc498c121133bbf74b708b25c1211848ef8f242d73b4f4868
f702e403f2f0bca7e1b1ab8a6b6e2ce20036d4bd96fa66c4cb8d87a24c378e51
f703617946f9773e55cfb1a7a3f93cbe30ff22a4884d80ccdd9ec3b2d511d5fd
f97870d03dd65b696454d4ce17c54189ef95cd3c6f9db52e01d7b6f9ad8e4b0d
f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40
faa7c5a62d21d645024e4385c3dfaf01614dffb80b2f51e9aa07b3a35a2c5090
febf85b4692197170c5346c98133d717782110bf21d85116bddbf09efa148be1

public.websteronline.com Open in urlscan Pro 3.218.70.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

83 %HTTPS

21 %IPv6

65 Domains

86 Subdomains

66 IPs

10 Countries

3607 kBTransfer

5214 kBSize

105 Cookies

13 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

public.websteronline.com Open in urlscan Pro
3.218.70.254 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

83 %
HTTPS

21 %
IPv6

65
Domains

86
Subdomains

66
IPs

10
Countries

3607 kB
Transfer

5214 kB
Size

105
Cookies

151 HTTP transactions
1 data transactions