www.american.bank Open in urlscan Pro
2606:4700:10::6816:28f9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.american.bank/
Submission: On August 29 via manual (August 29th 2023, 5:33:23 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 60 HTTP transactions. The main IP is 2606:4700:10::6816:28f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.american.bank.
TLS certificate: Issued by DigiCert EV RSA CA G2 on June 15th 2023. Valid for: a year.

This is the only time www.american.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:10:... 2606:4700:10::6816:28f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
2	2600:1f18:24e... 2600:1f18:24e6:b901:7156:9124:8f29:b6f7	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:220... 2600:9000:2204:1400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
60	17

32 2606:4700:10::6816:28f9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.american.bank	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b901:7156:9124:8f29:b6f7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

csp-report.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:1400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	american.bank www.american.bank	2 MB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 357 www.linkedin.com — Cisco Umbrella Rank: 582 px4.ads.linkedin.com — Cisco Umbrella Rank: 6211	5 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	317 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93	2 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 736	58 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3400	267 B
2	google.de www.google.de — Cisco Umbrella Rank: 6490	562 B
2	browser-intake-datadoghq.com csp-report.browser-intake-datadoghq.com — Cisco Umbrella Rank: 25575
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 772	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	12 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 859	376 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 10467	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	16 KB
0	Failed function sub() { [native code] }. Failed
60	16

	Domain	Requested by
32	www.american.bank	www.american.bank
4	www.googletagmanager.com	www.american.bank www.googletagmanager.com
3	px.ads.linkedin.com	3 redirects
3	code.jquery.com	www.american.bank
2	pixel.sitescout.com	www.american.bank
2	www.google.de	www.american.bank
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	csp-report.browser-intake-datadoghq.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.jsdelivr.net	www.american.bank
1	px4.ads.linkedin.com	www.american.bank
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	www.google.com	www.american.bank
1	up.pixel.ad	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.american.bank
0	https Failed	www.american.bank
60	19

This site contains links to these domains. Also see Links.

Domain
myloan.anbank.com
american.bank
transparency-in-coverage.uhc.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
www.american.bank DigiCert EV RSA CA G2	`2023-06-15` - `2024-06-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.pixel.ad GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-24` - `2024-02-02`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.american.bank/
Frame ID: 107BEB7AE9D152BD51DBEBBCC5F87363
Requests: 60 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 183BBC3B331B0C8D99CC98396DAB44B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - American National Bank

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

97 %
HTTPS

82 %
IPv6

16
Domains

19
Subdomains

17
IPs

4
Countries

2671 kB
Transfer

4298 kB
Size

16
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://myloan.anbank.com/homehub/signup/mortgage@anbank.com
Title: Manage My Mortgage Application

Search URL Search Domain Scan URL

URL: https://american.bank/anbgo/
Title: ANB Go App

Search URL Search Domain Scan URL

URL: https://american.bank/stability-statement/
Title: Read more

Search URL Search Domain Scan URL

URL: https://american.bank/make-a-payment/
Title: Make a Loan Payment

Search URL Search Domain Scan URL

URL: https://american.bank/personal-banking/home-lending/find-your-mortgage-loan-officer/
Title: Find a Mortgage Loan Officer

Search URL Search Domain Scan URL

URL: https://american.bank/about/
Title: Discover American National Bank

Search URL Search Domain Scan URL

URL: https://american.bank/carver-legacy-center/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://transparency-in-coverage.uhc.com/
Title: Transparency in Coverage

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanNatBank/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/AmericanNatBank
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-national-bank_2/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/americannationalbank
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4226972%26time%3D1693330397186%26url%3Dhttps%253A%252F%252Fwww.american.bank%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F&cookiesTest=true&liSync=true&e_ipv6=AQJgeugyWX2wTAAAAYpCW1ukQb8wu5vVoaRfxk-l9npI3vY8JMPFH_NjK4p8EdBwc8PsO2eD

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.american.bank/ 127 KB
26 KB 873ms
526ms Document
text/html 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52368399f5ec35646975587a758d291433e86245e8abc402f0930d73c372eefc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7fe689bdbe2d9b94-FRA
content-encoding: gzip
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 17:33:16 GMT
link: <https://www.american.bank/wp-json/>; rel="https://api.w.org/" <https://www.american.bank/wp-json/wp/v2/pages/1188>; rel="alternate"; type="application/json" <https://www.american.bank/>; rel=shortlink
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=16070400; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-server-name: Wave-PPL-Web-14
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
www.american.bank/wp-includes/css/dist/block-library/ 95 KB
13 KB 103ms
99ms Stylesheet
text/css 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 5026180
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 May 2023 18:09:20 GMT
server: cloudflare
etag: W/"17ced-5fced1a355abb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c1ccd79b94-FRA
expires: Mon, 01 Jul 2024 13:23:36 GMT

GET
H2 200 classic-themes.min.css
www.american.bank/wp-includes/css/ 291 B
348 B 59ms
55ms Stylesheet
text/css 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: HIT
x-server-name: Wave-PPL-Web-14
age: 1054169
x-cache-status: STALE
x-cache-type: Static
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 May 2023 18:09:20 GMT
server: cloudflare
etag: W/"123-5fced1a35899b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c1ccd99b94-FRA
expires: Fri, 16 Aug 2024 12:43:47 GMT

GET
H2 200 style.css
www.american.bank/wp-content/themes/anb/ 401 KB
46 KB 59ms
55ms Stylesheet
text/css 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f386beacf629d309727798885f919c2d1848cd08afda20758a60f29753a4e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 3748416
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 May 2023 17:02:29 GMT
server: cloudflare
etag: W/"643ed-5fcec2b17a474"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c1ccdc9b94-FRA
expires: Tue, 16 Jul 2024 08:19:40 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/ 87 KB
16 KB 133ms
47ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css?ver=6.2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2841034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15248
last-modified: Thu, 22 Jun 2023 11:02:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3c-3b90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrcB2dp%2BIYqjeCO9SyIqYJ47Zmp%2FqwgVDmsWS42%2F6QQSG2VbfqnRLEH8edoZFIPqEbmyi7d2gDVykuQ%2Fi3L9jAXquf6ScRybYrYe4dH0Nx5%2F%2BWUQ02j4XME17uw4KU1jkStTmbRJXfolLtRLbieS8iYG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fe689c24fcb4d5c-FRA
expires: Sun, 18 Aug 2024 17:33:16 GMT

GET
H2 200 dashicons.min.css
www.american.bank/wp-includes/css/ 58 KB
35 KB 56ms
53ms Stylesheet
text/css 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-includes/css/dashicons.min.css?ver=6.2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 3784278
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:01:00 GMT
server: cloudflare
etag: W/"e688-5f2efaac9a300"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c1ccdd9b94-FRA
expires: Mon, 15 Jul 2024 22:21:58 GMT

GET
H2 200 jquery-3.6.4.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 135ms
45ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.slim.min.js
Requested by: Host: www.american.bank
URL: https://www.american.bank/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b6ca31cce239c5f5fe78c5441a9236466aa62cfd5d4262f5a9a2a6730b6fc1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-11bda"
vary: Accept-Encoding
x-hw: 1693330396.dop238.fr8.t,1693330396.cds282.fr8.hn,1693330396.cds325.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24725

GET
H2 200 wave.js Show response
www.american.bank/wp-content/themes/anb/assets/js/ 3 KB
1 KB 106ms
103ms Script
application/javascript 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-content/themes/anb/assets/js/wave.js?v=1.0&ver=6.2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efa285c89a8d424d61e3e9ce4ebb0ba06157b0d8a8b66c175bb3a3426fd22f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 1054169
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 May 2023 20:27:27 GMT
server: cloudflare
etag: W/"a77-5fc7655196df4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c1cce09b94-FRA
expires: Fri, 16 Aug 2024 12:43:47 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 134ms
48ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6992537
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230085-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkTdtPhWoJevG4S1B3VnnxFff1eprsvib0%2BYwSx%2FoK1hosqktXUBKjCm%2BaRihoQsqNM6gbx0MHOCkNWfx69yXrHvX1uU15etI0oT%2BLxtdQWMvH9C2CpR0zZD%2Ff8zXaSmOAg4j15PXzqZKlcFdiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7fe689c24ada3626-FRA

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
30 KB 172ms
82ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: www.american.bank
URL: https://www.american.bank/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
x-hw: 1693330396.dop238.fr8.t,1693330396.cds282.fr8.hn,1693330396.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 31011

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 200ms
111ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: www.american.bank
URL: https://www.american.bank/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-1c1f"
vary: Accept-Encoding
x-hw: 1693330396.dop238.fr8.t,1693330396.cds282.fr8.hn,1693330396.cds161.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/jquery.slick/1.5.7/ 39 KB
10 KB 137ms
51ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.5.7/slick.min.js

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1346ba855702d564b8dbae71c7d8e9c465d6657bbbff6f3eaa00cedf4f4aa53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16275579
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230047-FRA, cache-yyz4537-YYZ
server: cloudflare
etag: W/"9ccf-PylnggHPuhukPZ3rqBUKsYXdrvQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETMHgJV9n%2B9gur3DlVYSLaPfrg4%2FyX9HMMn2aOvdtY5hZmWS8VRSnLlYEfVzwsRvgNovLZ5dFGLwFp69dILZcyqbV%2Bpn1yKNhogUGK0U9tofX8pTgbgkmZPSxeMYli2HvYRvGdgjRzzE8ZaPOBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7fe689c24adb3626-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 358 KB
92 KB 224ms
125ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPLTW5M

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7aea18f1e78fbef9a0a3357f62ee8cee4e6b1444a24b87ef8f4ebebe37f43b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93797
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Aug 2023 17:33:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 153ms
54ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-43556901-1

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba9f0811438e17383812f8f21797b434f6c3e0981acb49363f7e39d97d5a71ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:33:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.american.bank/wp-includes/js/ 18 KB
5 KB 65ms
60ms Script
application/javascript 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 178041
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 May 2023 18:09:20 GMT
server: cloudflare
etag: W/"4904-5fced1a365c8b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c31f729b94-FRA
expires: Mon, 26 Aug 2024 16:05:55 GMT

GET
H2 200 print.css
www.american.bank/wp-content/themes/anb/assets/css/ 3 KB
2 KB 83ms
81ms Stylesheet
text/css 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-content/themes/anb/assets/css/print.css?ver=2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 3191537
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 May 2023 17:01:45 GMT
server: cloudflare
etag: W/"b51-5fcec287cd16d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fd19b94-FRA
expires: Mon, 22 Jul 2024 19:00:59 GMT

GET
H2 200 sticky-logo.png
www.american.bank/wp-content/themes/anb/assets/images/ 2 KB
2 KB 63ms
58ms Image
image/png 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/themes/anb/assets/images/sticky-logo.png

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d96290ba9e6e3d96e971fd5d60901d7b56bf571c7f73fc77c49428725a88209

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: HIT
x-server-name: Wave-PPL-Web-14
age: 1054169
x-cache-status: STALE
x-cache-type: Static
content-length: 2380
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: "94c-5f2efaa0345c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges: bytes
cf-ray: 7fe689c31f769b94-FRA
expires: Fri, 16 Aug 2024 12:43:47 GMT

GET
H2 200 mobile-logo.png
www.american.bank/wp-content/themes/anb/assets/images/ 10 KB
11 KB 54ms
50ms Image
image/png 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/themes/anb/assets/images/mobile-logo.png

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

019c31a7471ea3ccd70edfae5c95540a270036cbf1c5b7189f08a979c64b043c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: HIT
x-server-name: Wave-PPL-Web-14
age: 5375564
x-cache-status: STALE
x-cache-type: Static
content-length: 10690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: "29c2-5f2efaa0345c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges: bytes
cf-ray: 7fe689c31f779b94-FRA
expires: Thu, 27 Jun 2024 12:20:32 GMT

GET
H2 200 Consumer-CD-Promo-Graphic_updated.svg
www.american.bank/wp-content/uploads/2023/07/ 47 KB
9 KB 79ms
74ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2023/07/Consumer-CD-Promo-Graphic_updated.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d81de58c7bc29c0d8b0a87cd89b6050eede3e5d17eee062e5d688b3c2e244560

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 471
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jul 2023 15:47:40 GMT
server: cloudflare
etag: W/"ba35-601ca59b368db"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c31f789b94-FRA
expires: Wed, 28 Aug 2024 17:25:25 GMT

GET
H2 200 icon-mobile-banking-60.svg
www.american.bank/wp-content/uploads/2022/02/ 2 KB
984 B 520ms
516ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-mobile-banking-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a18f691747a43637cab9885c85f9410f0526a2dfa67f963e49da14cae8b10ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:47 GMT
server: cloudflare
etag: W/"8f4-5f7ab36681b6d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c31f7a9b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 icon-loan-quick-pay-60.svg
www.american.bank/wp-content/uploads/2022/02/ 3 KB
1 KB 66ms
62ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-loan-quick-pay-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

404a280c2ef3e74d72e3f5cb021bf1629a91acca44064d661c26e00777f0faf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 1054167
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:47 GMT
server: cloudflare
etag: W/"c1d-5f7ab3666370d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c31f7c9b94-FRA
expires: Fri, 16 Aug 2024 12:43:49 GMT

GET
H2 200 icon-2-person-verification-60.svg
www.american.bank/wp-content/uploads/2022/02/ 1 KB
2 KB 529ms
526ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-2-person-verification-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3da87d194d468b9d8079efccbbeb8cc1d197fd8028011e0106e4e740365e736

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:44 GMT
server: cloudflare
etag: W/"50c-5f7ab363a068d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c31f7d9b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 icon-local-decision-making-60.svg
www.american.bank/wp-content/uploads/2022/02/ 1 KB
637 B 522ms
519ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-local-decision-making-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae1bd7eb6911555f6d6fc95427f5fec9add0afeb0910e01e6d754eb31043357

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:47 GMT
server: cloudflare
etag: W/"455-5f7ab3666ac3d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c31f7e9b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 MLO-directory-promo-post-updated-050123.png
www.american.bank/wp-content/uploads/2023/05/ 1 MB
1 MB 792ms
788ms Image
image/png 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2023/05/MLO-directory-promo-post-updated-050123.png

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeda1691a4637182d5a73261b96707df85b005dcca8c2cb5365b091c3b362deb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: MISS
x-server-name: Wave-PPL-Web-14
x-cache-status: STALE
x-cache-type: Static
content-length: 1294356
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 May 2023 19:11:02 GMT
server: cloudflare
etag: "13c014-5faa695743cdd"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges: bytes
cf-ray: 7fe689c34fb89b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 IMG_0132-TyVon-orig_sm-for-web-2.jpg
www.american.bank/wp-content/uploads/2022/10/ 154 KB
155 KB 1023ms
1020ms Image
image/jpeg 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/10/IMG_0132-TyVon-orig_sm-for-web-2.jpg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d452e14935dae0cefd90c472ceb91de02166fd95346c6b6699a80fda752a4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: MISS
x-server-name: Wave-PPL-Web-14
x-cache-status: STALE
x-cache-type: Static
content-length: 157964
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:27:34 GMT
server: cloudflare
etag: "2690c-5f7ab3935740b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges: bytes
cf-ray: 7fe689c34fb99b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 icon-community-engagement-60.svg
www.american.bank/wp-content/uploads/2022/02/ 3 KB
1 KB 552ms
548ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-community-engagement-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e04943b3b2268f17ac162da557a2250c1ea2565759e9f945fdd4bf2793c6fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:45 GMT
server: cloudflare
etag: W/"cf0-5f7ab364a0835"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fbc9b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 icon-deep-client-relationships-60.svg
www.american.bank/wp-content/uploads/2022/02/ 3 KB
2 KB 549ms
546ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-deep-client-relationships-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fae8798ee9cd8b007ee869ba31ce63116f5fc5de927f416105f5f322fdbf0e2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:46 GMT
server: cloudflare
etag: W/"d85-5f7ab3652032d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fbf9b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 icon-experience-and-expertise-60.svg
www.american.bank/wp-content/uploads/2022/02/ 4 KB
2 KB 564ms
561ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-experience-and-expertise-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972d64cd55308c3b995e48858b7b680dbbf992b393c3eb8a9719795885ca9f6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:46 GMT
server: cloudflare
etag: W/"fd5-5f7ab3655c41d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fc39b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 icon-perfectly-sized-60.svg
www.american.bank/wp-content/uploads/2022/02/ 3 KB
1 KB 573ms
570ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-perfectly-sized-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c67fba1573277c7c7a6ef32ffe8d8ec6c071d4632e7371beaed48b7ad15546d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:48 GMT
server: cloudflare
etag: W/"aa9-5f7ab366c595d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fc79b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 icon-innovative-technology-60.svg
www.american.bank/wp-content/uploads/2022/02/ 3 KB
1 KB 563ms
560ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/icon-innovative-technology-60.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f318cb545e38d944a90c15b70cbc5bc43f97ec4dfe629e93fcd5ecea036fdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:47 GMT
server: cloudflare
etag: W/"ad7-5f7ab366091bd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fca9b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 white-logo.svg
www.american.bank/wp-content/uploads/2022/02/ 10 KB
4 KB 84ms
81ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2022/02/white-logo.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e4c3c5e071e2a227aabac17fe210312facb4ebd5e9013e7277bfdcbd41e339d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 3076787
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 20:26:56 GMT
server: cloudflare
etag: W/"274e-5f7ab36f023a4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fcd9b94-FRA
expires: Wed, 24 Jul 2024 02:53:29 GMT

GET
H2 200 primary-navigation.js Show response
www.american.bank/wp-content/themes/anb/assets/js/ 8 KB
2 KB 58ms
57ms Script
application/javascript 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-content/themes/anb/assets/js/primary-navigation.js?ver=2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a106e87ab7d922311e1180acb9dd9efc2857eb43f64a4d7938bd6b45f01346

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 178041
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: W/"1f58-5f2efaa0345c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c2ff429b94-FRA
expires: Mon, 26 Aug 2024 16:05:55 GMT

GET
H2 200 responsive-embeds.js Show response
www.american.bank/wp-content/themes/anb/assets/js/ 1 KB
2 KB 51ms
50ms Script
application/javascript 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-content/themes/anb/assets/js/responsive-embeds.js?ver=2.2

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 4956437
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: W/"467-5f2efaa0345c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c30f5a9b94-FRA
expires: Tue, 02 Jul 2024 08:45:59 GMT

GET
H2 200 white-logo.svg
www.american.bank/wp-content/themes/anb/assets/images/ 10 KB
4 KB 91ms
89ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/themes/anb/assets/images/white-logo.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e4c3c5e071e2a227aabac17fe210312facb4ebd5e9013e7277bfdcbd41e339d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 3076787
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: W/"274e-5f2efaa0345c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fcf9b94-FRA
expires: Wed, 24 Jul 2024 02:53:29 GMT

GET
H2 200 Man-holding-cell-phone-in-hands-and-showing-woman-screen-and-smiling-together-at-home-1.jpg
www.american.bank/wp-content/uploads/2023/06/ 220 KB
220 KB 777ms
776ms Image
image/jpeg 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2023/06/Man-holding-cell-phone-in-hands-and-showing-woman-screen-and-smiling-together-at-home-1.jpg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0042814a3b9587bac76722b7612d8d551c143a2a38ca309e7591379f7a1c832

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: MISS
x-server-name: Wave-PPL-Web-14
x-cache-status: STALE
x-cache-type: Static
content-length: 225060
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 22 Jun 2023 18:19:49 GMT
server: cloudflare
etag: "36f24-5febbee0d48a8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges: bytes
cf-ray: 7fe689c34fd39b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 mobile-logo.svg
www.american.bank/wp-content/themes/anb/assets/images/ 10 KB
4 KB 73ms
73ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/themes/anb/assets/images/mobile-logo.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ae214f3b77d57b424225f723a7a811818e775873f3432ec4351c5f78ac95fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: HIT
age: 178041
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: W/"2751-5f2efaa0345c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c34fd49b94-FRA
expires: Mon, 26 Aug 2024 16:05:55 GMT

GET
H2 200 GothamMedium.otf
www.american.bank/wp-content/themes/anb/assets/fonts/ 126 KB
126 KB 85ms
80ms Font
application/vnd.oasis.opendocument.formula-template 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-content/themes/anb/assets/fonts/GothamMedium.otf

Requested by

Host: www.american.bank
URL: https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2
Origin: https://www.american.bank
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: HIT
x-server-name: Wave-PPL-Web-14
age: 471
x-cache-status: HIT
content-length: 128768
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: "1f700-5f2efaa0345c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/vnd.oasis.opendocument.formula-template
cache-control: max-age=14400
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges: bytes
cf-ray: 7fe689c34fd59b94-FRA

GET
H2 200 GothamBold.otf
www.american.bank/wp-content/themes/anb/assets/fonts/ 124 KB
125 KB 552ms
547ms Font
application/vnd.oasis.opendocument.formula-template 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-content/themes/anb/assets/fonts/GothamBold.otf

Requested by

Host: www.american.bank
URL: https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88b3795f97ee469c9e30430b54d35c11cdf28c96e3e71d0122e37e6bf025c0b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2
Origin: https://www.american.bank
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: REVALIDATED
x-server-name: Wave-PPL-Web-14
x-cache-status: HIT
content-length: 127472
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: "1f1f0-5f2efaa0345c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/vnd.oasis.opendocument.formula-template
cache-control: max-age=14400
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges: bytes
cf-ray: 7fe689c34fd89b94-FRA

GET
H2 200 GothamBook.otf
www.american.bank/wp-content/themes/anb/assets/fonts/ 125 KB
125 KB 549ms
545ms Font
application/vnd.oasis.opendocument.formula-template 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.american.bank/wp-content/themes/anb/assets/fonts/GothamBook.otf

Requested by

Host: www.american.bank
URL: https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.american.bank/wp-content/themes/anb/style.css?ver=2.2
Origin: https://www.american.bank
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
cf-cache-status: REVALIDATED
x-server-name: Wave-PPL-Web-14
x-cache-status: STALE
content-length: 128020
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Jan 2023 15:00:47 GMT
server: cloudflare
etag: "1f414-5f2efaa0345c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/vnd.oasis.opendocument.formula-template
cache-control: max-age=14400
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
accept-ranges: bytes
cf-ray: 7fe689c34fda9b94-FRA

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.american.bank
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 Consumer-MM-Promo-Graphic_updated.svg
www.american.bank/wp-content/uploads/2023/07/ 57 KB
12 KB 527ms
526ms Image
image/svg+xml 2606:4700:10::6816:28f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.american.bank/wp-content/uploads/2023/07/Consumer-MM-Promo-Graphic_updated.svg

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c1fd2de42bb3807b7c445c736db6f513b01ce7045d69d7b4186a12b59a36ffb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
content-encoding: gzip
x-server-name: Wave-PPL-Web-14
cf-cache-status: MISS
x-cache-status: STALE
x-cache-type: Static
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jul 2023 15:47:37 GMT
server: cloudflare
etag: W/"e462-601ca598eb26b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: accelerometer=(), autoplay=*, camera=(), encrypted-media=(self), fullscreen=*, payment=(), clipboard-read=(self), clipboard-write=(self), gamepad=()
cf-ray: 7fe689c35ff59b94-FRA
expires: Wed, 28 Aug 2024 17:33:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
91 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZTMK3MTYMT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43556901-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

614168dcb8dc03a3871cdc08c50418e29817e5bdcf3649daed672563eb99698b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:33:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43556901-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Aug 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6213
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 29 Aug 2023 17:49:43 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
702 B 127ms
39ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPLTW5M

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

09175e4bf29bcada94ab400b8c3fc66a032341f16d2ab497c8503c0f729b63a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:14 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=58810
accept-ranges: bytes
content-length: 491

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10978405556/ 3 KB
2 KB 172ms
82ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10978405556/?random=1693330396946&cv=11&fst=1693330396946&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.american.bank%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20American%20National%20Bank&auid=1592573636.1693330397&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPLTW5M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9920ca9b22cc3d22445270fcb7ae6e0167bcf053fe5648bcf67ce12bdb7470ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:33:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 138ms
39ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPLTW5M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 385167
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: de6fae19d24c0362ec9cd96f2b780006

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
69 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-375667805&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPLTW5M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2cafcd615a8ff01e52ea31b89d2e155421863223d5b91921010751293f5b0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70523
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Aug 2023 17:33:16 GMT

GET url
https//linkprotect.cudasvc.com/ 0
0

POST
H2 202 logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0 462ms
198ms Other
application/json 2600:1f18:24e6:b901:7156:9124:8f29:b6f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTMK3MTYMT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:7156:9124:8f29:b6f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.american.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 153ms
49ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZTMK3MTYMT&cid=1354115147.1693330397&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTMK3MTYMT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:33:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.american.bank
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 176ms
77ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTMK3MTYMT&cid=1354115147.1693330397&gtm=45je38n0&aip=1&z=992289630

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:33:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1154208419&t=pageview&_s=1&dl=https%3A%2F%2Fwww.american.bank%2F&ul=en-us&de=UTF-8&dt=Home%20-%20American%20National%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=915656989&gjid=1601905109&cid=1354115147.1693330397&tid=UA-43556901-1&_gid=223257925.1693330397&_r=1&gtm=457e38n0&jsscut=1&z=1057603738

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.american.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:33:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.american.bank
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0 348ms
151ms Other
application/json 2600:1f18:24e6:b901:7156:9124:8f29:b6f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-375667805&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:7156:9124:8f29:b6f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.american.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 41ms
40ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=58759
accept-ranges: bytes
content-length: 4862

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 71ms
49ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-43556901-1&cid=1354115147.1693330397&jid=915656989&gjid=1601905109&_gid=223257925.1693330397&_u=YADAAUAAAAAAACAAI~&z=798854797

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.american.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Aug 2023 17:33:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.american.bank
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10978405556/ 42 B
455 B 149ms
57ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10978405556/?random=1693330396946&cv=11&fst=1693328400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.american.bank%2F&frm=0&tiba=Home%20-%20American%20National%20Bank&fmt=3&is_vtc=1&random=1255827497&rmt_tld=0&ipr=y

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:33:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10978405556/ 42 B
455 B 52ms
51ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10978405556/?random=1693330396946&cv=11&fst=1693328400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.american.bank%2F&frm=0&tiba=Home%20-%20American%20National%20Bank&fmt=3&is_vtc=1&random=1255827497&rmt_tld=1&ipr=y

Requested by

Host: www.american.bank
URL: https://www.american.bank/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:33:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4226972/domain/american.bank/ 36 B
376 B 124ms
42ms XHR
application/json 2600:9000:2204:1400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4226972/domain/american.bank/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:1400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.american.bank/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:47:00 GMT
content-encoding: gzip
via: 1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 2777
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: s_lNZuNnWdunegaLdHZJqFsP06L9fPhriiLMVZSVcVbJulUg_aHY2w==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4226972%26time%3D1693330397186%26url%3Dhttps%253A%252F%252Fwww.american.bank%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F&cookiesTest=true&liSync=true&e_ipv6=AQJgeugyWX2wTAAAAYpCW1ukQb8wu5vVoaRfxk-l9np...

0
265 B

823ms
734ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F&cookiesTest=true&liSync=true&e_ipv6=AQJgeugyWX2wTAAAAYpCW1ukQb8wu5vVoaRfxk-l9npI3vY8JMPFH_NjK4p8EdBwc8PsO2eD
Requested by: Host: www.american.bank
URL: https://www.american.bank/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:33:18 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 41DBF95F919E40999CF750B10828425F Ref B: FRAEDGE2013 Ref C: 2023-08-29T17:33:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEEzTqRTFulPhu7spUNg==

Redirect headers

date: Tue, 29 Aug 2023 17:33:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AAA3326A6DB64059B97F6F1F2F02EB82 Ref B: FRAEDGE1707 Ref C: 2023-08-29T17:33:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4226972&time=1693330397186&url=https%3A%2F%2Fwww.american.bank%2F&cookiesTest=true&liSync=true&e_ipv6=AQJgeugyWX2wTAAAAYpCW1ukQb8wu5vVoaRfxk-l9npI3vY8JMPFH_NjK4p8EdBwc8PsO2eD
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEEzTd3o2y6EjRjyCwrA==

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 183B 0
0 145ms
46ms Document
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.american.bank
URL: https://www.american.bank/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash

Request headers

Referer: https://www.american.bank/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 29 Aug 2023 17:33:17 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 200 6dc7a4114ea2e404
pixel.sitescout.com/up/ 43 B
267 B 149ms
50ms Image
image/gif 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/6dc7a4114ea2e404?cntr_url=https%3A%2F%2Fwww.american.bank%2F
Requested by: Host: www.american.bank
URL: https://www.american.bank/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.american.bank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:33:17 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: https
URL: https://https//linkprotect.cudasvc.com/url?a=https%3a%2f%2f%2f%2fdi.rlcdn.com%2f406006.gif%3fpdata%3dpartner%253Dtap457294%252Cdata%253Dtype%253Asite%2524audience%253ASS_BaileyLauerman_AmericanNationalBank_ClientSite_Control&c=E,1,dSLLl6eucxQjiUHqKrBH47tcSs34mQKLObArjVbIeVkU42rk8jPnVYLyNj2z90gV_po_jfgkHPAGh6m9i3GSSWZRDuBiC2pOTjgKbyrc-ods0qjai6Q,&typo=1

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.american.bank/	1969-12-31 23:59:59	Name: PHPSESSID Value: k1qfudito8dn1793sod3ts6kjd
.american.bank/	1970-01-20 16:31:46	Name: _gcl_au Value: 1.1.1592573636.1693330397
.american.bank/	1970-01-20 23:58:10	Name: _ga_ZTMK3MTYMT Value: GS1.1.1693330397.1.0.1693330397.60.0.0
.american.bank/	1970-01-20 14:23:36	Name: _gid Value: GA1.2.223257925.1693330397
.american.bank/	1970-01-20 14:22:10	Name: _gat_gtag_UA_43556901_1 Value: 1
.american.bank/	1970-01-20 23:58:10	Name: _ga_375667805 Value: GS1.1.1693330397.1.0.1693330397.0.0.0
.american.bank/	1970-01-20 23:58:10	Name: _ga Value: GA1.1.1354115147.1693330397
.doubleclick.net/	1970-01-20 14:22:11	Name: test_cookie Value: CheckForPermission
www.american.bank/	1970-01-20 14:23:36	Name: ln_or Value: eyI0MjI2OTcyIjoiZCJ9
.linkedin.com/	1970-01-20 16:31:46	Name: li_sugr Value: 34ba3188-602d-4363-8854-9cfcf7ce1c4f
.linkedin.com/	1970-01-20 23:07:46	Name: bcookie Value: "v=2&48a759a1-a3b6-4830-8c96-0188ae1004c0"
.linkedin.com/	1970-01-20 14:23:36	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2579:u=1:x=1:i=1693330397:t=1693416797:v=2:sig=AQGHgzAC3FeKwUuVaS1xsdAUGQfh-FRw"
.linkedin.com/	1970-01-20 15:05:22	Name: UserMatchHistory Value: AQLik79RD-P5NgAAAYpCW1ml1X5wPWcjdjRr8DSBeFa4uuiJgdnl3IP2pr0AFWrq9eozi4Fk9zhylA
.linkedin.com/	1970-01-20 15:05:22	Name: AnalyticsSyncHistory Value: AQIsDnLd0K3zDAAAAYpCW1ml87JB9yx4VsZyveqFJPadjgfbR2b2mMEbOk6tmUtjwSJcYqjAQXXpl8inDpzj4A
.www.linkedin.com/	1970-01-20 23:07:46	Name: bscookie Value: "v=1&2023082917331745bbc8bf-b353-4563-8f01-57de156a1e1cAQGOn113Lgyg1WM82z-bqCH7F5qu8Wwg"
.linkedin.com/	1970-01-20 18:41:22	Name: li_gc Value: MTswOzE2OTMzMzAzOTc7MjswMjFznDso79nwIkxdMdeLqRVVkme9bHyXhbXX2ht+CEekCw==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://https//linkprotect.cudasvc.com/url?a=https%3a%2f%2f%2f%2fdi.rlcdn.com%2f406006.gif%3fpdata%3dpartner%253Dtap457294%252Cdata%253Dtype%253Asite%2524audience%253ASS_BaileyLauerman_AmericanNationalBank_ClientSite_Control&c=E,1,dSLLl6eucxQjiUHqKrBH47tcSs34mQKLObArjVbIeVkU42rk8jPnVYLyNj2z90gV_po_jfgkHPAGh6m9i3GSSWZRDuBiC2pOTjgKbyrc-ods0qjai6Q,&typo=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-ZTMK3MTYMT&l=dataLayer&cx=c(Line 184) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-ZTMK3MTYMT&gtm=45je38n0&_p=1154208419&_gaz=1&cid=1354115147.1693330397&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693330397&sct=1&seg=0&dl=https%3A%2F%2Fwww.american.bank%2F&dt=Home%20-%20American%20National%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-375667805&l=dataLayer&cx=c(Line 71) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-375667805&gtm=45je38n0&_p=1154208419&cid=1354115147.1693330397&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693330397&sct=1&seg=0&dl=https%3A%2F%2Fwww.american.bank%2F&dt=Home%20-%20American%20National%20Bank&en=page_view&_fv=1&_ss=1&ep.content_group=https%3AHomeHomewww.american.bankHome' because it violates the following Content Security Policy directive: "connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://cdnjs.cloudflare.com https://pixel.sitescout.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://adservice.google.com 'unsafe-inline'; connect-src 'self' https://stats.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io https://adservice.google.com https://maps.googleapis.com; frame-src https://form.asana.com https://intranet.anbank.com https://app.acuityscheduling.com https://vimeo.com https://videos.sproutvideo.com https://td.doubleclick.net https://player.vimeo.com https://pixel.sitescout.com https://maps.googleapis.com https://www.googletagmanager.com https://filter.techloq.com https://tpc.googlesyndication.com https://www.google.com https://anbank.na2.echosign.com https://www.canva.com https://www.youtube.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; style-src-elem * data: 'unsafe-inline'; img-src * data:; media-src * data:; font-src * data:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1388a512063760fff04504543f514f27&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=CSP
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
code.jquery.com
csp-report.browser-intake-datadoghq.com
googleads.g.doubleclick.net
https
pixel.sitescout.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
up.pixel.ad
www.american.bank
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
https
13.107.42.14
178.79.242.16
2001:4de0:ac18::1:a:2b
2600:1f18:24e6:b901:7156:9124:8f29:b6f7
2600:9000:2204:1400:2:53b2:240:93a1
2606:4700:10::6816:28f9
2606:4700::6810:5514
2606:4700::6811:190e
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c0a::9d
2a02:26f0:480:f::213:7edd
98.98.134.242
019c31a7471ea3ccd70edfae5c95540a270036cbf1c5b7189f08a979c64b043c
09175e4bf29bcada94ab400b8c3fc66a032341f16d2ab497c8503c0f729b63a4
1e4c3c5e071e2a227aabac17fe210312facb4ebd5e9013e7277bfdcbd41e339d
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2ae1bd7eb6911555f6d6fc95427f5fec9add0afeb0910e01e6d754eb31043357
2c1fd2de42bb3807b7c445c736db6f513b01ce7045d69d7b4186a12b59a36ffb
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
404a280c2ef3e74d72e3f5cb021bf1629a91acca44064d661c26e00777f0faf2
4c67fba1573277c7c7a6ef32ffe8d8ec6c071d4632e7371beaed48b7ad15546d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52368399f5ec35646975587a758d291433e86245e8abc402f0930d73c372eefc
5d96290ba9e6e3d96e971fd5d60901d7b56bf571c7f73fc77c49428725a88209
614168dcb8dc03a3871cdc08c50418e29817e5bdcf3649daed672563eb99698b
6a18f691747a43637cab9885c85f9410f0526a2dfa67f963e49da14cae8b10ca
6b6ca31cce239c5f5fe78c5441a9236466aa62cfd5d4262f5a9a2a6730b6fc1c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72e04943b3b2268f17ac162da557a2250c1ea2565759e9f945fdd4bf2793c6fe
76ae214f3b77d57b424225f723a7a811818e775873f3432ec4351c5f78ac95fc
7aea18f1e78fbef9a0a3357f62ee8cee4e6b1444a24b87ef8f4ebebe37f43b39
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
88b3795f97ee469c9e30430b54d35c11cdf28c96e3e71d0122e37e6bf025c0b8
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e
972d64cd55308c3b995e48858b7b680dbbf992b393c3eb8a9719795885ca9f6a
9920ca9b22cc3d22445270fcb7ae6e0167bcf053fe5648bcf67ce12bdb7470ec
9efa285c89a8d424d61e3e9ce4ebb0ba06157b0d8a8b66c175bb3a3426fd22f1
a0042814a3b9587bac76722b7612d8d551c143a2a38ca309e7591379f7a1c832
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ba9f0811438e17383812f8f21797b434f6c3e0981acb49363f7e39d97d5a71ed
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756
d3da87d194d468b9d8079efccbbeb8cc1d197fd8028011e0106e4e740365e736
d7f386beacf629d309727798885f919c2d1848cd08afda20758a60f29753a4e4
d81de58c7bc29c0d8b0a87cd89b6050eede3e5d17eee062e5d688b3c2e244560
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1346ba855702d564b8dbae71c7d8e9c465d6657bbbff6f3eaa00cedf4f4aa53
e1a106e87ab7d922311e1180acb9dd9efc2857eb43f64a4d7938bd6b45f01346
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f318cb545e38d944a90c15b70cbc5bc43f97ec4dfe629e93fcd5ecea036fdd
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
eeda1691a4637182d5a73261b96707df85b005dcca8c2cb5365b091c3b362deb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cafcd615a8ff01e52ea31b89d2e155421863223d5b91921010751293f5b0bb
f3d452e14935dae0cefd90c472ceb91de02166fd95346c6b6699a80fda752a4d
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fae8798ee9cd8b007ee869ba31ce63116f5fc5de927f416105f5f322fdbf0e2c

www.american.bank Open in urlscan Pro 2606:4700:10::6816:28f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

82 %IPv6

16 Domains

19 Subdomains

17 IPs

4 Countries

2671 kBTransfer

4298 kBSize

16 Cookies

12 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.american.bank Open in urlscan Pro
2606:4700:10::6816:28f9 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

82 %
IPv6

16
Domains

19
Subdomains

17
IPs

4
Countries

2671 kB
Transfer

4298 kB
Size

16
Cookies

60 HTTP transactions
1 data transactions