www.americanbanker.com Open in urlscan Pro
65.9.96.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3uwgbaQ 
Effective URL:
https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Submission: On July 28 via api (July 28th 2021, 12:38:17 am UTC) from US

Summary HTTP 248 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 92 IPs in 10 countries across 83 domains to perform 248 HTTP transactions. The main IP is 65.9.96.116, located in United States and belongs to AMAZON-02, US. The main domain is www.americanbanker.com.
TLS certificate: Issued by Amazon on March 23rd 2021. Valid for: a year.

This is the only time www.americanbanker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	65.9.96.119 65.9.96.119	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.116 65.9.96.116	16509 (AMAZON-02) (AMAZON-02)
11	13.224.193.78 13.224.193.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.26 151.101.193.26	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.96.80 65.9.96.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:c0b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.193.63 13.224.193.63	16509 (AMAZON-02) (AMAZON-02)
31	2606:4700::68... 2606:4700::6811:b9b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	52.203.104.110 52.203.104.110	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
2	54.229.143.145 54.229.143.145	16509 (AMAZON-02) (AMAZON-02)
1	13.224.194.170 13.224.194.170	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::729 2a04:4e42:3::729	54113 (FASTLY) (FASTLY)
1	13.224.193.105 13.224.193.105	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.95.61 65.9.95.61	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.208.203.88 54.208.203.88	14618 (AMAZON-AES) (AMAZON-AES)
4 9	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
3	3.224.4.25 3.224.4.25	14618 (AMAZON-AES) (AMAZON-AES)
1	52.72.113.151 52.72.113.151	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:19c::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
1 2	65.9.96.73 65.9.96.73	16509 (AMAZON-02) (AMAZON-02)
6	34.247.75.254 34.247.75.254	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.98.12 65.9.98.12	16509 (AMAZON-02) (AMAZON-02)
1 11	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1	116.202.80.165 116.202.80.165	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:21f... 2600:9000:21f3:be00:8:2b19:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.216.83.56 52.216.83.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5 7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 3	52.29.9.114 52.29.9.114	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.58.198.108 52.58.198.108	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	35.156.106.231 35.156.106.231	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.198.86.30 18.198.86.30	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
4 4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 2	52.58.221.124 52.58.221.124	16509 (AMAZON-02) (AMAZON-02)
1 1	3.124.55.148 3.124.55.148	16509 (AMAZON-02) (AMAZON-02)
2	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 2	34.251.130.56 34.251.130.56	16509 (AMAZON-02) (AMAZON-02)
2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	34.242.58.198 34.242.58.198	16509 (AMAZON-02) (AMAZON-02)
1	52.218.30.19 52.218.30.19	16509 (AMAZON-02) (AMAZON-02)
1	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
1	85.90.246.246 85.90.246.246	63949 (LINODE-AP...) (LINODE-AP Linode)
1	54.72.233.167 54.72.233.167	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.65 65.9.96.65	16509 (AMAZON-02) (AMAZON-02)
2 2	54.205.106.87 54.205.106.87	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.208.28.104 52.208.28.104	16509 (AMAZON-02) (AMAZON-02)
1 1	3.8.243.222 3.8.243.222	16509 (AMAZON-02) (AMAZON-02)
4	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.127.92.82 3.127.92.82	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.183 216.46.185.183	13649 (ASN-VINS) (ASN-VINS)
3 4	51.89.21.31 51.89.21.31	16276 (OVH) (OVH)
4 4	51.75.14.249 51.75.14.249	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1	65.9.96.36 65.9.96.36	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:4400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:1000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	52.206.103.176 52.206.103.176	14618 (AMAZON-AES) (AMAZON-AES)
248	92

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.119 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.paymentssource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.116 (United States)

ASN16509 (AMAZON-02, US)

www.americanbanker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.224.193.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-78.fra2.r.cloudfront.net

arizent.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.26 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.80 (United States)

ASN16509 (AMAZON-02, US)

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:c0b6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-63.fra2.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.104.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.143.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-170.fra2.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.105 (United States)

ASN16509 (AMAZON-02, US)

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.61 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.203.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.zetaglobal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.221.50 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.224.4.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.113.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:19c::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.96.73 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.247.75.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.98.12 (United States)

ASN16509 (AMAZON-02, US)

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.6.253 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.80.165 (Eichendorf, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.80.202.116.clients.your-server.de

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:be00:8:2b19:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.newsletters.sourcemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.83.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

source-media-brightspot-lower.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.9.114 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.198.108 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.106.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.86.30 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.221.124 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.55.148 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

l.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.130.56 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.58.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.30.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.90.246.246 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.233.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.65 (United States)

ASN16509 (AMAZON-02, US)

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.106.87 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.28.104 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-28-104.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.8.243.222 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.92.82 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.183 (United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.21.31 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.14.249 (France) 4 redirects

ASN16276 (OVH, FR)

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.36 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:4400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:1000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.103.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com id.tinypass.com api-v3.tinypass.com	922 KB
20	adform.net 3 redirects a2.adform.net s2.adform.net c1.adform.net dmp.adform.net	41 KB
18	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	104 KB
17	doubleclick.net 5 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	135 KB
13	googlesyndication.com 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	124 KB
12	2mdn.net s0.2mdn.net	91 KB
11	brightspotcdn.com arizent.brightspotcdn.com	2 MB
10	gstatic.com fonts.gstatic.com	227 KB
9	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	10 KB
9	teads.tv a.teads.tv s8t.teads.tv t.teads.tv sync.teads.tv	134 KB
6	google.com www.google.com adservice.google.com	962 B
6	googleapis.com ajax.googleapis.com fonts.googleapis.com	33 KB
5	amazonaws.com source-media-brightspot-lower.s3.amazonaws.com s3-eu-west-1.amazonaws.com	6 KB
5	google-analytics.com www.google-analytics.com	22 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
4	id5-sync.com 3 redirects id5-sync.com	6 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	semasio.net 4 redirects uipglob.semasio.net	3 KB
4	sourcemedia.com images.newsletters.sourcemedia.com	35 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	41 KB
4	facebook.net connect.facebook.net	168 KB
4	googletagservices.com www.googletagservices.com	126 KB
3	360yield.com 2 redirects ad.360yield.com ice.360yield.com	1 KB
3	facebook.com www.facebook.com	416 B
3	google.de www.google.de	280 B
3	cxense.com cdn.cxense.com comcluster.cxense.com	34 KB
3	bing.com bat.bing.com	9 KB
3	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d10lpsik1i8c69.cloudfront.net	7 KB
3	boomtrain.com cdn.boomtrain.com people.api.boomtrain.com events.api.boomtrain.com	26 KB
2	3lift.com 1 redirects eb2.3lift.com	717 B
2	tapad.com 2 redirects pixel.tapad.com	906 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	580 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	3 KB
2	openx.net 1 redirects eu-u.openx.net	471 B
2	bluekai.com tags.bluekai.com	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	1016 B
2	eyeota.net ps.eyeota.net	688 B
2	sharethis.com 1 redirects sync.sharethis.com	632 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	pubmatic.com simage2.pubmatic.com	744 B
2	bidswitch.net 2 redirects x.bidswitch.net	928 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	678 B
2	adscale.de 2 redirects ih.adscale.de	692 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	rlcdn.com idsync.rlcdn.com	66 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	877 B
2	parsely.com cdn.parsely.com p1.parsely.com	26 KB
2	ml314.com ml314.com	13 KB
2	polyfill.io polyfill.io	676 B
1	quantcount.com rules.quantcount.com	1 KB
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	236 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	mathtag.com 1 redirects pixel.mathtag.com	583 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	456 B
1	agkn.com 1 redirects aa.agkn.com	341 B
1	userreport.com pdw-adf.userreport.com	444 B
1	krxd.net beacon.krxd.net	338 B
1	adsafety.net cm.adsafety.net	229 B
1	onaudience.com pixel.onaudience.com	248 B
1	adrtx.net 1 redirects api.adrtx.net	406 B
1	exelator.com loadm.exelator.com	324 B
1	consensu.org 1 redirects l.sharethis.mgr.consensu.org	389 B
1	stickyadstv.com ads.stickyadstv.com	713 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	yieldlab.net ad.yieldlab.net	360 B
1	seadform.net a1.seadform.net	344 B
1	zetaglobal.net api.zetaglobal.net	939 B
1	zencdn.net vjs.zencdn.net	395 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	npttech.com www.npttech.com	3 KB
1	googletagmanager.com www.googletagmanager.com	88 KB
1	unpkg.com unpkg.com	7 KB
1	americanbanker.com www.americanbanker.com	72 KB
1	paymentssource.com 1 redirects www.paymentssource.com	509 B
1	bit.ly 1 redirects bit.ly	443 B
248	83

	Domain	Requested by
29	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
12	s0.2mdn.net	2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com s0.2mdn.net
11	c1.adform.net	1 redirects a2.adform.net c1.adform.net
11	arizent.brightspotcdn.com	www.americanbanker.com buy.tinypass.com
10	fonts.gstatic.com	fonts.googleapis.com
9	dt.adsafeprotected.com	www.americanbanker.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.americanbanker.com 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com tpc.googlesyndication.com
6	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.americanbanker.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cm.g.doubleclick.net	5 redirects
5	www.google.com	www.americanbanker.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	ib.adnxs.com	3 redirects a2.adform.net www.americanbanker.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.americanbanker.com
5	fonts.googleapis.com	www.americanbanker.com buy.tinypass.com
4	cookie-matching.mediarithmics.com	4 redirects
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	match.adsrvr.org	4 redirects
4	uipglob.semasio.net	4 redirects
4	secure.adnxs.com	1 redirects a2.adform.net c1.adform.net www.americanbanker.com
4	source-media-brightspot-lower.s3.amazonaws.com	buy.tinypass.com
4	images.newsletters.sourcemedia.com	buy.tinypass.com
4	t.teads.tv	www.americanbanker.com
4	a2.adform.net	2 redirects www.americanbanker.com a2.adform.net
4	connect.facebook.net	www.americanbanker.com connect.facebook.net
4	www.googletagservices.com	www.americanbanker.com securepubads.g.doubleclick.net 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
3	www.facebook.com	www.americanbanker.com connect.facebook.net
3	www.google.de	www.americanbanker.com
3	a.dpmsrv.com	www.americanbanker.com s.dpmsrv.com
3	bat.bing.com	www.americanbanker.com bat.bing.com
3	experience.tinypass.com	www.americanbanker.com cdn.tinypass.com
2	static.adsafeprotected.com	pixel.adsafeprotected.com www.americanbanker.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	ps.eyeota.net	c1.adform.net
2	sync.sharethis.com	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	simage2.pubmatic.com	c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	www.americanbanker.com c1.adform.net
2	2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d10lpsik1i8c69.cloudfront.net	www.americanbanker.com
2	sb.scorecardresearch.com	1 redirects www.americanbanker.com
2	s8t.teads.tv	a.teads.tv www.americanbanker.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
2	px.ads.linkedin.com	2 redirects
2	a.teads.tv	www.googletagmanager.com s8t.teads.tv
2	ml314.com	www.americanbanker.com ml314.com
2	polyfill.io	www.americanbanker.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	pixel.quantserve.com	a2.adform.net
1	rules.quantcount.com	secure.quantserve.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	global.ib-ibi.com	c1.adform.net
1	pixel.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.adsafety.net	c1.adform.net
1	pixel.onaudience.com	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	loadm.exelator.com	c1.adform.net
1	l.sharethis.mgr.consensu.org	1 redirects
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	secure.quantserve.com	a2.adform.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	comcluster.cxense.com	www.americanbanker.com
1	a1.seadform.net	www.americanbanker.com
1	p1.parsely.com	www.americanbanker.com
1	id.tinypass.com	cdn.tinypass.com
1	events.api.boomtrain.com	cdn.boomtrain.com
1	api.zetaglobal.net	cdn.boomtrain.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	px4.ads.linkedin.com	www.americanbanker.com
1	www.linkedin.com	1 redirects
1	s.dpmsrv.com	www.americanbanker.com
1	vjs.zencdn.net	www.americanbanker.com
1	d1z2jf7jlzjs58.cloudfront.net	www.americanbanker.com
1	s2.adform.net	www.americanbanker.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.tinypass.com	experience.tinypass.com
1	people.api.boomtrain.com	cdn.boomtrain.com
1	cdn.boomtrain.com	www.americanbanker.com
1	www.npttech.com	www.americanbanker.com
1	www.googletagmanager.com	www.americanbanker.com
1	ajax.googleapis.com	www.americanbanker.com
1	cdn.adsafeprotected.com	www.americanbanker.com
1	unpkg.com	www.americanbanker.com
1	www.americanbanker.com
1	www.paymentssource.com	1 redirects
1	bit.ly	1 redirects
248	115

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
blog.google
www.paymentssource.com
info.wrightsmedia.com
www.arizent.com

Subject Issuer	Validity	Valid
*.accountingtechnology.com Amazon	`2021-03-23` - `2022-04-21`	a year	crt.sh
*.sourcemedia.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
cdn.boomtrain.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.api.boomtrain.com Amazon	`2020-12-16` - `2022-01-14`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.dpmsrv.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
app.zetaglobal.net Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.seadform.net DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-03`	a year	crt.sh
view.newsletters.arizent.com GeoTrust RSA CA 2018	`2021-01-12` - `2022-01-19`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.eyeota.net R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.adsafety.net R3	`2021-07-12` - `2021-10-10`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
sync.1dmp.io R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-03-17` - `2022-04-15`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Frame ID: A99B60F8058C35BC77D280695DD41D53
Requests: 119 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Frame ID: D8FDF47393E8477F0EA2B7BA5C2FBFDC
Requests: 11 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Frame ID: E9D5B590E8C95FC9CDD38162DC4CDBEB
Requests: 13 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Frame ID: 8214F23DBC3125DC2AE2A0C456D35A68
Requests: 10 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&rnd=1959318285&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fpayments%2fnews%2fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3b%7b%2522sender%2522%3a%2522offer-0-HIVyb%2522%2c%2522displayMode%2522%3a%2522modal%2522%2c%2522recipient%2522%3a%2522opener%2522%2c%2522event%2522%3a%2522resize%2522%2c%2522params%2522%3a%7b%2522width%2522%3a500%2c%2522height%2522%3a0%2c%2522iframeId%2522%3a%2522offer-0-HIVyb%2522%7d%7d
Frame ID: AB989E61772F1C5ED91027E09179A929
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Frame ID: 8AC7BC2E27B08384AE73C7B2F75C8975
Requests: 45 HTTP requests in this frame

Frame: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D952CB8F04ECFF5B05B8EA38C2DBC97
Requests: 1 HTTP requests in this frame

Frame: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FFF555C90A7DC922ACE645A42E331DF5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue_HIwIovCRK0mlKszNXf11WLoI4hNdA4qZ7KR4F4OxrgTGS8-nKbuELMgwf4zWI2rUOd-RtQnU1iiYkouCJbvoZvjYPMqoopfw94ggFrnTwjKZqHDowhbGJ3tq2g43_gzgi5czLdCX4EfUtcf4smu_K2pETYhpH4hdwlfvlR4pQzGw5t2q-ILf17NLRUZGsmlQg3q4Y1mdmB9r8bfKR3phr1mRt8aY8jqmBjn1hoUOnmZ3kNWeU7AhkYKnpx6U5HH0chZ_X7bJVBOfHT_8yy3D52qx9GiIMr0cZihnQAZ5s7USQ-BWR4rDgepwHyxKY82SznIDZuPGTmlgZE1hIg7euVscDZB&sig=Cg0ArKJSzHTgkE_J-VwHEAE&adurl=
Frame ID: B6A9F50439A5AF8DD51A69D440D9534E
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=4456012746&chanId=22401786010&placementId=5680235680&pubCreative=138348011648&pubOrder=2850669722&cb=796612269&custom=bigbox1&adsafe_par&impId=0c26aed0-ef3c-11eb-ba94-067f141e2336&custom3=
Frame ID: 128AD5E3877BFD90E94F2EFA18D2A976
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
Frame ID: 4F31B18282349DF10CC82A3F3ECC9326
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.9.js
Frame ID: 496C31519FFDB5981A25410FA76A957C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 419871BCD6B95537B3FA19ADEB361EEE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C617B1A1476847083BE41FACD78BB419
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Frame ID: 5B9372B335D7917C2CB53F91EE9433A8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3uwgbaQ& HTTP 301
https://www.paymentssource.com/news/what-senguptas-departure-means-for-googles-payments-business HTTP 301
https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business Page URL

Page Statistics

248
Requests

100 %
HTTPS

31 %
IPv6

83
Domains

115
Subdomains

92
IPs

10
Countries

4845 kB
Transfer

14508 kB
Size

34
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/dialog/share?app_id=1203048096448894&display=popup&href=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&text=What%20Sengupta%27s%20departure%20means%20for%20Google%27s%20payments%20business
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&mini=true&title=What%20Sengupta%27s%20departure%20means%20for%20Google%27s%20payments%20business&summary=%20Google%20will%20have%20to%20bring%20new%20leadership%20to%20initiatives%20like%20financial%20inclusion%20and%20its%20operations%20in%20India%20now%20that%20Caesar%20Sengupta%2C%20vice%20president%20and%20general%20manager%20of%20payments%2C%20has%20announced%20he%20will%20leave%20the%20company.&source=American%20Banker
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/caesars/status/1373862921575432194
Title: Sengupta will leave Google

Search URL Search Domain Scan URL

URL: https://blog.google/perspectives/caesar-sengupta/banks-governments-and-tech-need-work-together/
Title: Sengupta encouraging

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/indias-payments-umbrella-could-provide-uneven-cover
Title: collaborating with Facebook

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/google-pay-overhaul-adds-in-app-banking-with-citi-stanford-fcu-and-others
Title: collaboration

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/google-paypal-veteran-osama-bedier-joins-wepays-board
Title: Osama Bedier

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/obedier/
Title: Poynt

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/lessons-from-google-wallet-pave-qrails-ceos-path-forward
Title: QRails

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/google-wallet-executive-peter-hazlehurst-resigns-wsj
Title: Peter Hazelhurst

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/why-uber-grab-are-taking-bigger-steps-into-fintech
Title: Uber

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/how-a-college-project-took-on-uber-then-set-its-sights-on-payments
Title: invisible payments

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sklebe/
Title: Steve Klebe

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/voice-payments-get-mainstream-resources-but-niche-adoption
Title: voice-directed payments

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/apple-card-fortifies-the-digital-model-and-thats-trouble-for-banks
Title: Apple Card's

Search URL Search Domain Scan URL

URL: https://www.paymentssource.com/news/googles-p2p-move-in-singapore-follows-indias-playbook
Title: P2P app

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/arizent-licensing-and-reprints
Title: Reprint

Search URL Search Domain Scan URL

URL: https://twitter.com/@amerbanker
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanBanker
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.arizent.com/privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.arizent.com/news/arizent-subscription-agreement
Title: Subscription Agreement

Search URL Search Domain Scan URL

URL: https://www.arizent.com/media-kit
Title: Advertising/Marketing Services

Search URL Search Domain Scan URL

URL: https://www.arizent.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3uwgbaQ& HTTP 301
https://www.paymentssource.com/news/what-senguptas-departure-means-for-googles-payments-business HTTP 301
https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 38

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1627432673918&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D674964%26time%3D1627432673918%26url%3Dhttps%253A%252F%252Fwww.americanbanker.com%252Fpayments%252Fnews%252Fwhat-senguptas-departure-means-for-googles-payments-business%252316164755323392%2526amp%253B%257B%252522sender%252522%253A%252522offer-0-HIVyb%252522%252C%252522displayMode%252522%253A%252522modal%252522%252C%252522recipient%252522%253A%252522opener%252522%252C%252522event%252522%253A%252522resize%252522%252C%252522params%252522%253A%257B%252522width%252522%253A500%252C%252522height%252522%253A0%252C%252522iframeId%252522%253A%252522offer-0-HIVyb%252522%257D%257D%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1627432673918&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1627432673918&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&liSync=true&e_ipv6=AQKaAMs6o5ZI6gAAAXrqi-SyukjBEllKgGljMTMvxGJVv95OzkH79bBLh0YwCnXKtF7Y2-o2

Request Chain 50

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D342%26pixelIndex%3D0%26r%3D94324%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.americanbanker.com%252Fpayments%252Fnews%252Fwhat-senguptas-departure-means-for-googles-payments-business%252316164755323392%2526amp%253B%257B%252522sender%252522%253A%252522offer-0-HIVyb%252522%252C%252522displayMode%252522%253A%252522modal%252522%252C%252522recipient%252522%253A%252522opener%252522%252C%252522event%252522%253A%252522resize%252522%252C%252522params%252522%253A%257B%252522width%252522%253A500%252C%252522height%252522%253A0%252C%252522iframeId%252522%253A%252522offer-0-HIVyb%252522%257D%257D&_=1627432674064 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D342%2526pixelIndex%253D0%2526r%253D94324%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.americanbanker.com%25252Fpayments%25252Fnews%25252Fwhat-senguptas-departure-means-for-googles-payments-business%25252316164755323392%252526amp%25253B%25257B%25252522sender%25252522%25253A%25252522offer-0-HIVyb%25252522%25252C%25252522displayMode%25252522%25253A%25252522modal%25252522%25252C%25252522recipient%25252522%25253A%25252522opener%25252522%25252C%25252522event%25252522%25253A%25252522resize%25252522%25252C%25252522params%25252522%25253A%25257B%25252522width%25252522%25253A500%25252C%25252522height%25252522%25253A0%25252C%25252522iframeId%25252522%25253A%25252522offer-0-HIVyb%25252522%25257D%25257D%26_%3D1627432674064 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=8340039968546267958&q=xImp&v=1.x&cl=342&pixelIndex=0&r=94324&tzOffset=-120&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&_=1627432674064

Request Chain 75

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1627432674228&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=89362683&cs_ucfr= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1627432674228&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=89362683&cs_ucfr=

Request Chain 78

https://a2.adform.net/Serving/TrackPoint/?pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=783379586078&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&loc=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=783379586078&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&loc=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8340039968546267958&pixelIndex=0&_=1627432674065 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8340039968546267958&pixelIndex=0&_=1627432674065&google_gid=CAESEBx4N5guojPMBnte48U5Hio&google_cver=1

Request Chain 147

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=9146429097182601575&Expiration=1628642274 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=9146429097182601575&Expiration=1628642274

Request Chain 150

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9146429097182601575&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9146429097182601575&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=e24ae78509784c4489d05218edd8e25a HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=dc2cc891a982e969d999d41485a4f011bf75f82b8c9e008a05ac7bb232e56370

Request Chain 152

https://pixel.advertising.com/ups/55944/sync?uid=9146429097182601575&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=9146429097182601575&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=9146429097182601575&_origin=1&apid=UP0c73e456-ef3c-11eb-b808-06d5b5baec4e HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=9146429097182601575&_origin=1&apid=UP0c73e456-ef3c-11eb-b808-06d5b5baec4e&verify=true

Request Chain 154

https://x.bidswitch.net/sync?dsp_id=70&user_id=9146429097182601575 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=9146429097182601575 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2629ad56-0db5-4976-8d6e-586583b87e15&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 155

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9146429097182601575&expiration=1628642274 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9146429097182601575&expiration=1628642274&C=1

Request Chain 156

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=9146429097182601575&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=9146429097182601575&sInitiator=external HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OTI0NEZBQkE0NDVDQTRFNw&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEEUoVRDAhhaEQQqdAhQbVvE&sInitiator=internal&google_cver=1&gdpr=&gdpr_consent=&google_cver=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=22d75ffe-e9d0-4075-955d-12bd35e70351 HTTP 302
https://sync.sharethis.com/semasio?uid=9244FABA445CA4E7&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D HTTP 301
https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fsync.sharethis.com%2Fsemasio%3Fgdpr%3D1%26gdpr_consent%3D%26rd%3D0%26rurl%3Dhttps%253A%252F%252Fuipglob.semasio.net%252Fsharethis%252F1%252Finfo%253FsType%253Dsync%2526sInitiator%253Dinternal%2526sExtCookieId%253D%26uid%3D9244FABA445CA4E7 HTTP 302
https://sync.sharethis.com/semasio?gdpr=1&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=9244FABA445CA4E7

Request Chain 160

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9146429097182601575 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=9146429097182601575

Request Chain 162

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9146429097182601575 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=9146429097182601575

Request Chain 163

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTE0NjQyOTA5NzE4MjYwMTU3NQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAVSgOPmGQJax6CGTMUm5fQ&google_cver=1&google_ula=1641347,0

Request Chain 169

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=8340039968546267958&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=9146429097182601575

Request Chain 172

https://a.audrte.com/a?adform_uid=9146429097182601575 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEFcrLi6W5o4SSjKhM6TiqKI&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=0ahL-BXXBjQRrevwHfapHy4vA&gdpr=0&gdpr_consent=

Request Chain 173

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=9146429097182601575&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=9146429097182601575&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=76139189795514788243581955709615183178&noredirect=1

Request Chain 174

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=9146429097182601575 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164910403861000004295

Request Chain 175

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6989770119867463832

Request Chain 177

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=bbe06100-a6e3-4500-b6f0-0acecfc833fa

Request Chain 178

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=D1nSzSQE1M8xAa5

Request Chain 179

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=22d75ffe-e9d0-4075-955d-12bd35e70351

Request Chain 181

https://id5-sync.com/s/10/0.gif?puid=9146429097182601575 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=9146429097182601575&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAbF4hwS7gCpvzoBXczNv7d5SOqp2pgzWT-V9fA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=9b563459-eee9-470e-ba2a-c37926d5ec69&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEDCf3lMsUYoSVJZDBgx2ATA&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDCf3lMsUYoSVJZDBgx2ATA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8340039968546267958&opid=apx&ops=&utidl=tech:goo:CAESEDCf3lMsUYoSVJZDBgx2ATA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19392991521&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

Request Chain 182

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1716725659 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=I./Sbv0CLyllAbIVUFfpNu

Request Chain 184

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=9146429097182601575 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=9146429097182601575&cs=1

Request Chain 186

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=9146429097182601575&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=9146429097182601575&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=996dc502-6812-4230-b1c3-100a62796c5c

Request Chain 188

https://eb2.3lift.com/xuid?mid=7354&xuid=9146429097182601575&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=9146429097182601575&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

248 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request what-senguptas-departure-means-for-googles-payments-business Show response
www.americanbanker.com/payments/news/
Redirect Chain

https://bit.ly/3uwgbaQ&
https://www.paymentssource.com/news/what-senguptas-departure-means-for-googles-payments-business
https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

299 KB
72 KB

466ms
337ms

Document
text/html

65.9.96.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: f0f5825ba2a4ed475af0c9c69d3c46f83d4c62893dcb70c79c529610bc4b1cf7

Request headers

Host: www.americanbanker.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=120
Content-Encoding: gzip
Date: Wed, 28 Jul 2021 00:37:52 GMT
Server: Apache-Coyote/1.1
X-Powered-By: Brightspot
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: u0RnUkXB7gj3fF4nbx3bHnX5NZQhh8rL1Nmp5_jKXHRYl60xTMtnIg==

Redirect headers

Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=120
Date: Wed, 28 Jul 2021 00:37:52 GMT
Location: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Server: Apache-Coyote/1.1
X-Powered-By: Brightspot
X-Cache: Miss from cloudfront
Via: 1.1 77d19519a1c9ed821ab469548b9d17f5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: 9tk0tplRx1WnPguC8ezPobQsZy_xnjGhb3ZDy_od9SmSYjw8PDnF-Q==

GET
H/1.1 200
OK All.min.ee729e49f188b7f99f9be1f505c9adf6.gz.css
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/ 571 KB
77 KB 105ms
30ms Stylesheet
text/css 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/All.min.ee729e49f188b7f99f9be1f505c9adf6.gz.css
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6e42eaea0904f9c91f78bee317110bd68797ebab8903801c697ecb6b22136c8

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:25:38 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 13:06:03 GMT
Server: AmazonS3
Age: 472336
ETag: "7b61b4e987b6e69fdad99682c51232ab"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 77964
X-Amz-Cf-Id: BUp8BrCxoUDSTSH-v-kNzL8cWloZHJMdX95g2c2m6ys7dWJsfBhozw==

GET
H2 200 runtime.js Show response
unpkg.com/regenerator-runtime@0.13.1/ 23 KB
7 KB 27ms
13ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/regenerator-runtime@0.13.1/runtime.js

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f792fe255fbfcd352fe4b2f759c95980e57d8d297939e12262d9be1e87f48c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 411324
fly-request-id: 01FB90ERSJB364PHBEC0TVGRTA
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"5b05-y9GmlKf9QAx3EInfgjTVmKGWlRQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 675a0a9f18474a67-FRA

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
531 B 65ms
21ms Script
text/javascript 151.101.193.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Document%2CPromise%2CPromise.prototype.finally%2CObject.getOwnPropertyNames%2CObject.getOwnPropertySymbols%2Ces6%2Ces2015%2Ces2016%2Ces2017%2Ces2018%2Ces2019

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1365981
detected-user-agent: Chrome/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Sun, 11 Jul 2021 13:22:32 GMT
date: Wed, 28 Jul 2021 00:37:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK All.min.154b300e33abcea64bb4e448e74f6124.gz.js Show response
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/ 2 MB
549 KB 94ms
30ms Script
text/javascript 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/All.min.154b300e33abcea64bb4e448e74f6124.gz.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b268dcd05a00b934b80d65e8bcaa680c29918cd2657c754edc899f7a50b830c

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 13:25:37 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 22 Jul 2021 13:06:04 GMT
Server: AmazonS3
Age: 472337
ETag: "055e7271546f6f8c12a7a4c6a87446bb"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 561674
X-Amz-Cf-Id: deWRaXzNYmUcOiBB1oB0zz_R-94jkxKgD0z30_xdX-lOIjEqino9Qw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
24 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1d5825631c3829c30ecb200cc2ca26ccc8d05bcc32f41c73058ae80673c60a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "942 / 736 of 1000 / last-modified: 1627423831"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24734
x-xss-protection: 0
expires: Wed, 28 Jul 2021 00:37:53 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 154ms
51ms Script
application/javascript 65.9.96.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 20:24:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 15210
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: hDtLnjzgT5RzZdsSaGxy1kxJysG8FMGMb9GqnUB-nciL_K9cIMv18A==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:14:23 GMT

GET
H/1.1 200
OK brand-american-banker-black.svg
arizent.brightspotcdn.com/16/d8/797fc38443bb83caf649880b26cd/ 4 KB
5 KB 31ms
30ms Image
image/svg+xml 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/16/d8/797fc38443bb83caf649880b26cd/brand-american-banker-black.svg
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56b9d2d2849305918fe661cce7bdb8dcdbc83bb18c170884e625d2b2dd417210

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 06:41:16 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 30 Jul 2020 22:13:05 GMT
Server: AmazonS3
Age: 2224598
ETag: "63fa0ed0a7fecbb154f75e59955f7528"
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 4520
X-Amz-Cf-Id: oquUz75sIRTt1a0gf63KBbfYSUDQKiGGT3OJroBLl1nhYoA6ei9BqQ==

GET
H/1.1 200
OK 257336420.jpg
arizent.brightspotcdn.com/32/3b/5cd9de6d4a45bc6ba2d236ca0d96/ 888 KB
889 KB 68ms
35ms Image
image/jpeg 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/32/3b/5cd9de6d4a45bc6ba2d236ca0d96/257336420.jpg
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71d67ff2283beef1b6870d8ce83f66b60b13631c0cc0fb9b0de057580c6dda74

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 16:25:09 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 22 Mar 2021 17:59:23 GMT
Server: AmazonS3
Age: 115965
ETag: "33ee6caedd35572a7dc6415707355048"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 909484
X-Amz-Cf-Id: KHDO0FR_ZvLiAIbCaODPragkJDbLQdwnohvdthbnTwL03wG6m7CGTA==

GET
H/1.1 200
OK /
arizent.brightspotcdn.com/dims4/default/89f393a/2147483647/strip/true/crop/1000x165+0+0/resize/727x120!/quality/90/ 12 KB
13 KB 95ms
30ms Image
image/png 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/dims4/default/89f393a/2147483647/strip/true/crop/1000x165+0+0/resize/727x120!/quality/90/?url=https%3A%2F%2Fsource-media-brightspot.s3.amazonaws.com%2F01%2F05%2F6f8ad49b408398d634628e2d653f%2Farizent-logo.png
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: c0bf2ffd17947ef568c786a47a930113f516a10a09b72485363621d110ff207b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 09 May 2021 16:51:57 GMT
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 6853556
ETag: e1afff1a21c8b5289e1f92ff04f9f84c
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 12422
X-Amz-Cf-Id: psTLnBQ7t9nOYeNUmUQXBoDAQYsQ8L4w69MZQkuGpvUHBeke4duzWg==
Expires: Mon, 09 May 2022 16:51:57 GMT

GET
H/1.1 200
OK jshint_2.13.0.279c236b75a5da43567e97cec91dd6db.gz.js Show response
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/jshint/ 1 MB
307 KB 95ms
30ms Script
text/javascript 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/jshint/jshint_2.13.0.279c236b75a5da43567e97cec91dd6db.gz.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d5f7ed178594d09e25e87cba0e328167a6e48d2508b4a4898ee7f05c21c0a69

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 19:20:54 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 14 Jul 2021 19:09:21 GMT
Server: AmazonS3
Age: 1142220
ETag: "b76103b4c850ad47f75d962f6a4ce99a"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 313784
X-Amz-Cf-Id: f9LT7f22ujJK5s7Y0Nl4ioWBjCEQ_tl9K8RxwXMk90FaSvoRkImYFw==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1017 B 34ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9062b283108aee3d80a32cada8435bd6e2b642f3532de4ec9460136e98d6bc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.americanbanker.com
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 23:20:43 GMT
server: ESF
date: Wed, 28 Jul 2021 00:37:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 00:37:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8240d5ecefa9f0dabbc007b279fb5e76afd19fdb22aacceaa8ef5260ef34719d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7IIV2XPvcUmgjoiZLFC4pQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: lwCJaRvolO+1kKXDvtobMiEbAypLyxTC4cG4jOjMq/KrnXwd/HCCs84YwcUvjEijDRnw7E1AQxRctO14x6tPAQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 84a5bf9540826fa0f1b96daf5df445f1
x-frame-options: DENY
date: Wed, 28 Jul 2021 00:37:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "33cfac9e6da66eb91740d774ad8db01e"
timing-allow-origin: *
expires: Wed, 28 Jul 2021 00:51:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 442 KB
88 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d91bba126de404cb7ad8e98be24884b3b992152f347f50c956d2dd415b56092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90375
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jul 2021 00:37:53 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 31ms
14ms Script
application/javascript 2606:4700:3032::ac43:c0b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6467
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: MY9S0PJDNWKA0N4N
x-amz-id-2: u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEntDEgtgjOmWBtFaQM0fnZvI9eLG1zt80yi2GWvnvs41jCkkIymYsTtMJju6OIXkUwKqFIhZ1vbhCFSBQRmIbBWbIJXWmWxYsqLd7fGyFUBu5k6tYlYrmrRNQYalHxhWNF4iQ9heI2qkYyLEjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 675a0aa04b7a4321-FRA

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/sourcemedia-prod/ 76 KB
25 KB 115ms
36ms Script
application/javascript 13.224.193.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-63.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff4c752ea5d84913f292bb4a85dff5c2a7d7e045a1cb76779c3fe0a5279c2124

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: o2rBhbeT71HVbGysb11TCaV_vgcdQFGT
Content-Encoding: gzip
ETag: W/"907305613cc355a74395dbbc3272d738"
Age: 32
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Sun, 25 Jul 2021 04:44:23 GMT
Server: AmazonS3
Date: Wed, 28 Jul 2021 00:37:30 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: xB64nEt_NUJHrlY_QVKIVxlYqwEv37VD-L2MQxAbJrDKofHpS4SRGw==

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 72 B
145 B 20ms
20ms Other
text/javascript 151.101.193.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1365981
detected-user-agent: Chrome/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Sun, 11 Jul 2021 13:22:32 GMT
date: Wed, 28 Jul 2021 00:37:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 5 KB
2 KB 35ms
17ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=XUnXNMUrFF

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d1628388f2ff257a020fae75fb9a9a37e9131462975ffdd39dbab1077324a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 979
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: CybixwqIsSx
wn: prod-exp-10-0-118-17
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 675a0aa0ff194a6e-FRA
expires: Wed, 28 Jul 2021 01:07:53 GMT

GET
H2 200 pubads_impl_2021072402.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
115 KB 106ms
37ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

ddbe62de5ae24097612d0546735d390e3202e985da76fd4fb2a4fa31c29fd1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 19:56:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117130
x-xss-protection: 0
expires: Wed, 28 Jul 2021 00:37:53 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 103 B
746 B 105ms
37ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.americanbanker.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

940fbdac552f933897115c54607c9bca3749a1ae8e8f3c4f4e5934205b8093a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Wed, 28 Jul 2021 00:37:53 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 232 KB
67 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=29846135a51f06e8d6c4d1a970e7beb6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df4bd877d6266b7cf8d6494e509d20fc3f8f0ab0048f847669c46721d128e769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.americanbanker.com
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QhI8VbQPpwd4CjHSUh+PYQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69059
x-fb-rlafr: 0
x-fb-debug: j7NfVgZdSDeTaFEVc6IU/Ev88TTZy7an4LuLuPifk7Dp1zmC4Fxr2jsvS8tx2dbfoEOd/EWh+RHLbFyxGQORcA==
x-fb-content-md5: 34fb104a2448c314f40f32d7279a1897
x-frame-options: DENY
date: Wed, 28 Jul 2021 00:37:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b48b3f533be42da1ef0f9efdad3997db"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Jul 2022 21:40:53 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.americanbanker.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 04:01:05 GMT
x-content-type-options: nosniff
age: 74208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 04:01:05 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.americanbanker.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 57811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.americanbanker.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 87672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 345 B
660 B 406ms
111ms XHR
application/json 52.203.104.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6e319&site_id=sourcemedia-prod
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.104.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: ec05a5fbf3d0731fa0027e214e956b5ef61d4bf1330a4759d481744cc2df4e1e

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:53 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 345

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 411 KB
135 KB 23ms
22ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=XUnXNMUrFF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

439c5077e37873fd04924047599ff73206e82eac735ba8df7b8c0f12f942bd19

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 45
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-133-254
last-modified: Tue, 27 Jul 2021 12:04:16 GMT
server: cloudflare
etag: W/"420652-1627387456000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=300
cf-ray: 675a0aa2f96b4a6e-FRA
expires: Wed, 28 Jul 2021 00:42:53 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 105ms
41ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Jul 2021 00:37:53 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 19ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=35206
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

142ms
45ms

Script
application/x-javascript

37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 07:34:20 GMT
server: nginx
etag: W/"60a21c7c-13e2b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 28 Jul 2021 00:37:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 174ms
47ms Script
application/javascript 54.229.143.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?286
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jul 2021 06:31:32 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=21218
Connection: keep-alive
Content-Length: 12574
Expires: Wed, 28 Jul 2021 06:31:32 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: HWBwgjMBMu5cWL7glq+9iglqbjww4mvKv0duKbtaHHZ1tBpzlgnx9ShhZl5mad1/qQcra3KkLQiGOmQpotO+vw==
x-frame-options: DENY
date: Wed, 28 Jul 2021 00:37:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 98ms
29ms Script
application/javascript 13.224.194.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-170.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 27 Jul 2021 21:36:55 GMT
Via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
Age: 10858
ETag: "5eb31be4-3a2"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA2-C1
Content-Length: 930
X-Amz-Cf-Id: cIENVGHstpDmY4vRBitgTGrlBAg9sv6ULBE_B5GAKeBr2vZqYB_XoA==
Expires: Wed, 28 Jul 2021 21:36:55 GMT

GET
H2 200 video.js Show response
vjs.zencdn.net/7.6.5/ 2 MB
395 KB 25ms
10ms Script
application/javascript 2a04:4e42:3::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.6.5/video.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 59a717e69bec72ad009181785a1a65b674d1c01e77e04bdc718deb02a9b97671

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:08:10 GMT
etag: "6ad9f2485086f3f4265513b2a6599cf1"
x-served-by: cache-fra19154-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 404443
x-cache-hits: 1

GET
H/1.1 200
OK dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js Show response
s.dpmsrv.com/ 112 KB
38 KB 115ms
29ms Script
application/x-javascript 13.224.193.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5e1876373576f4110b6ad82c25041aa2e9762cc4a417939eeb20e654818a818

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 04:30:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 May 2020 20:46:58 GMT
Server: AmazonS3
Age: 72459
ETag: "b10698ccacbd3420aaa5389feaa6b0f5"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 38693
X-Amz-Cf-Id: Yffa_ROwS8iw4p-Qtt9vzK8uRNpAGP9XXX0aIMEM1wfyWgeWIYxSrg==

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 45ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 18:24:21 GMT
x-msedge-ref: Ref A: E91095979D6845F29BB4A331B5BCB550 Ref B: FRAEDGE1215 Ref C: 2021-07-28T00:37:53Z
etag: "80b87575947dd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9014

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1591
date: Wed, 28 Jul 2021 00:11:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 28 Jul 2021 02:11:22 GMT

GET
H2 200 tag Show response
a.teads.tv/page/71453/ 2 KB
1018 B 182ms
87ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/71453/tag
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ebf3fe00a4717363c2aeb2c3013c0a2a2945135f89c93b740613bec5bf967b4c

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 818
expires: Wed, 28 Jul 2021 01:37:53 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1627432673918&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-busines...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D674964%26time%3D1627432673918%26url%3Dhttps%253A%252F%252Fwww.americanbanker.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1627432673918&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-busines...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1627432673918&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-busine...

0
156 B

320ms
118ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1627432673918&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&liSync=true&e_ipv6=AQKaAMs6o5ZI6gAAAXrqi-SyukjBEllKgGljMTMvxGJVv95OzkH79bBLh0YwCnXKtF7Y2-o2
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: Y52RLGXNlRZwGVDNOysAAA==

Redirect headers

date: Wed, 28 Jul 2021 00:37:54 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1627432673918&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&liSync=true&e_ipv6=AQKaAMs6o5ZI6gAAAXrqi-SyukjBEllKgGljMTMvxGJVv95OzkH79bBLh0YwCnXKtF7Y2-o2
x-li-proto: http/2
x-li-pop: prod-edc2
content-length: 0
x-li-uuid: tDFGGWXNlRZg/0x9AysAAA==

GET
H3-29 200 1859681287603644 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 73ms
72ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1859681287603644?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5c57b4baf884989170e3b3b753a2f9abee35e245919ff243b319ddf437e780a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: cKxzhjQUpH7J/EffAqYtZVfTUbdgA+u/717SLmShKLXuqHT5+SPmife6fKa3mlRKoumK0qXHWubzvrg1FDwnsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 28 Jul 2021 00:37:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 15ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2081
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 28 Jul 2021 01:03:12 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1354
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 28 Jul 2021 01:15:19 GMT

GET
H2 204 17523647.js Show response
bat.bing.com/p/action/ 0
126 B 137ms
137ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17523647.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Jul 2021 00:37:53 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: FA4C2B1402054615A24BF359F28F2E9A Ref B: FRAEDGE1215 Ref C: 2021-07-28T00:37:53Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17523647&Ver=2&mid=2a575a3b-0aa1-4930-8919-0ece183a39c8&sid=0bc4a8c0ef3c11eb83695f23613d51fc&vid=0bc536d0ef3c11eb8758a16469f0e473&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=What%20Sengupta%27s%20departure%20means%20for%20Google%27s%20payments%20business%20%7C%20PaymentsSource%20%7C%20American%20Banker&kw=Digital%20payments,Google,PSO%20content&p=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&r=&lt=1264&evt=pageLoad&msclkid=N&sv=1&rn=679926
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jul 2021 00:37:53 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: E3AF6BCEF695493AA8455D2826F60F0F Ref B: FRAEDGE1215 Ref C: 2021-07-28T00:37:53Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/americanbanker.com/ 72 KB
25 KB 164ms
57ms Script
application/javascript 65.9.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/americanbanker.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1b23efe41c75c1297fad1f71a174e299697bf7f3db0f742ccc00a83ce431630

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Jul 2021 09:37:35 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 13:33:22 GMT
server: nginx
age: 54019
etag: W/"6050b3a2-12086"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: u_H4tniUb_TE6k34Gq8IsEr_YokhW6V7UsOd0N1VBtCwQzi3ZMNBaw==
expires: Wed, 28 Jul 2021 09:37:35 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011464113/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011464113/?random=1627432673951&cv=9&fst=1627432673951&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&tiba=What%20Sengupta%27s%20departure%20means%20for%20Google%27s%20payments%20business%20%7C%20PaymentsSource%20%7C%20American%20Banker&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f35c0550dedd110dcc2b03ef02c24f07e02da7024a50bdb841c137ae2c74992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 32ms
12ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:49:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5864
Expires: Wed, 28 Jul 2021 01:37:54 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
296 B 17ms
15ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e02f1d2ea9361fecdbd08e32ca41f3bc2ea876cd4c9421f2b01f0b7b578c189

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: Cr2jxwq97gE
pragma
wn: prod-dash-10-0-121-63
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 675a0aa4dc004a6e-FRA
expires: Wed, 28 Jul 2021 00:57:54 GMT

GET
H/1.1 200
OK segments Show response
api.zetaglobal.net/people/nF1VJp%2B9QnkYyAEbXCaQss%2F2OzUWIyTvPVpwaH3epK3jEsdCPBYFbH%2FEkk9SHZwY4BjT86eAJ3z8lBKgHK7WYQ%3D%3D/ 2 B
939 B 395ms
177ms XHR
application/json 54.208.203.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zetaglobal.net/people/nF1VJp%2B9QnkYyAEbXCaQss%2F2OzUWIyTvPVpwaH3epK3jEsdCPBYFbH%2FEkk9SHZwY4BjT86eAJ3z8lBKgHK7WYQ%3D%3D/segments?site_id=sourcemedia-prod

Requested by

Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.203.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-Id: cd6c3ef8-8b14-473b-88ca-d86f2db4822b
X-Runtime: 0.071613
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"9ee5f4e14e11b2d8ffdc3e14c6ee6983"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000;
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Request-Methods: GET
Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept, authorization, x-prototype-version

GET
BLOB 200
OK cf94aa6a-3d71-492b-88a4-e62c11c2c161
https://www.americanbanker.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.americanbanker.com/cf94aa6a-3d71-492b-88a4-e62c11c2c161
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D342%26pixelIndex%3D0%26r%3D94324%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.americanbanker...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D342%2526pixelIndex%253D0%2526r%253D94324%2526tzOffset%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=8340039968546267958&q=xImp&v=1.x&cl=342&pixelIndex=0&r=94324&tzOffset=-120&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-depar...

243 B
996 B

422ms
103ms

Script
text/javascript

3.224.4.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=8340039968546267958&q=xImp&v=1.x&cl=342&pixelIndex=0&r=94324&tzOffset=-120&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&_=1627432674064
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.4.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 6af75d409d527be5746a2abcc10e72682a644e9e260b24aa0a89139a77944f9c

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 217
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:54 GMT
X-Proxy-Origin: 89.40.183.208; 89.40.183.208; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 027aec50-7944-415c-8bf5-58684492a8e7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=8340039968546267958&q=xImp&v=1.x&cl=342&pixelIndex=0&r=94324&tzOffset=-120&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&_=1627432674064
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
248 B 310ms
102ms XHR
text/plain 52.72.113.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.113.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
server: nginx
allow: GET, HEAD, OPTIONS, POST
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
content-length: 2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-219761-28&cid=680092930.1627432674&jid=1543412836&gjid=329881480&_gid=1888945322.1627432674&_u=aGBAgEArAAAAAE~&z=899301371

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Jul 2021 00:37:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-219761-100&cid=680092930.1627432674&jid=1292438239&gjid=218381487&_gid=1888945322.1627432674&_u=aGDAiEArBAAAAE~&z=725750742

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Jul 2021 00:37:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=246666925&t=pageview&_s=1&dl=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&dp=%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&ul=en-us&de=UTF-8&dt=What%20Sengupta%27s%20departure%20means%20for%20Google%27s%20payments%20business%20%7C%20PaymentsSource%20%7C%20American%20Banker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAr~&jid=1543412836&gjid=329881480&cid=680092930.1627432674&tid=UA-219761-28&_gid=1888945322.1627432674&gtm=2wg7q05DXTZXR&cd1=John%20Adams&cd2=Amazon%20CloudFront&cd5=Gated&cd8=20&cd9=20210322&cd10=Digital%20payments%2CGoogle%2CPSO%20content&cd12=Digital%20payments&cd14=680&cd15=Article&cd17=Digital%20payments%2CGoogle%2CPSO%20content&z=1642225043

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 09:57:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52818
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=246666925&t=pageview&_s=1&dl=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&dp=%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&ul=en-us&de=UTF-8&dt=What%20Sengupta%27s%20departure%20means%20for%20Google%27s%20payments%20business%20%7C%20PaymentsSource%20%7C%20American%20Banker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEArBAAAAE~&jid=1292438239&gjid=218381487&cid=680092930.1627432674&tid=UA-219761-100&_gid=1888945322.1627432674&gtm=2wg7q05DXTZXR&cd1=John%20Adams&cd2=Amazon%20CloudFront&cd5=Gated&cd8=20&cd9=20210322&cd10=Digital%20payments%2CGoogle%2CPSO%20content&cd12=Digital%20payments&cd14=680&cd15=Article&cd17=Digital%20payments%2CGoogle%2CPSO%20content&z=1862210752

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 09:57:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52818
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 43ms
42ms Script
application/javascript 54.229.143.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50113&ct=js&pi=&fp=undefined&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&pv=1627432674097_5mzrpgnr3&bl=en-us&cb=3662441&return=&ht=&d=&dc=&si=1627432674097_5mzrpgnr3&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?286
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1011464113/ 42 B
138 B 20ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011464113/?random=1627432673951&cv=9&fst=1627430400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7q0&sendb=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&tiba=What%20Sengupta%27s%20departure%20means%20for%20Google%27s%20payments%20business%20%7C%20PaymentsSource%20%7C%20American%20Banker&async=1&fmt=3&is_vtc=1&random=3051516217&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1011464113/ 42 B
154 B 19ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011464113/?random=1627432673951&cv=9&fst=1627430400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7q0&sendb=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&tiba=What%20Sengupta%27s%20departure%20means%20for%20Google%27s%20payments%20business%20%7C%20PaymentsSource%20%7C%20American%20Banker&async=1&fmt=3&is_vtc=1&random=3051516217&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 21ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1859681287603644&ev=PageView&dl=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&rl=&if=false&ts=1627432674112&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22541029256690117%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22806187966482914%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1627432674111.1505415651&it=1627432673927&coo=false&rqm=GET

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 28 Jul 2021 00:37:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 21ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?ev=1859681287603644&dl=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&rl=&if=false&ts=1627432674114&sw=1600&sh=1200&v=2.9.43&r=stable&o=28&it=1627432673927&rqm=GET

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 28 Jul 2021 00:37:54 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 206 B
992 B 143ms
131ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery112405804653952418493_1627432673960&client_id=XUnXNMUrFF&site=https%3A%2F%2Fwww.americanbanker.com&_=1627432673961

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a43dcb4ab11a7402cae5fe0884087501fb20f13908cd2ac4afe8645afcc949ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C63jxwqqhjq
pragma: no-cache
wn: prod-id-10-0-91-162
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.003
cf-ray: 675a0aa54c8d4a6e-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
16ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-219761-28&cid=680092930.1627432674&jid=1543412836&_u=aGBAgEArAAAAAE~&z=392135779

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 29ms
26ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-219761-28&cid=680092930.1627432674&jid=1543412836&_u=aGBAgEArAAAAAE~&z=392135779

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 27ms
26ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-219761-100&cid=680092930.1627432674&jid=1292438239&_u=aGDAiEArBAAAAE~&z=1235865823

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 27ms
24ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-219761-100&cid=680092930.1627432674&jid=1292438239&_u=aGDAiEArBAAAAE~&z=1235865823

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
arizent.brightspotcdn.com/dims4/default/4644b14/2147483647/strip/true/crop/4000x2252+0+415/resize/460x259!/quality/90/ 29 KB
30 KB 39ms
38ms Image
image/jpeg 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/dims4/default/4644b14/2147483647/strip/true/crop/4000x2252+0+415/resize/460x259!/quality/90/?url=https%3A%2F%2Fsource-media-brightspot.s3.amazonaws.com%2Fdc%2F62%2F934624124973aaf8a8211016381d%2Fkelly-al-bl-011319.jpg
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: d68147303e44c09c68ccf414aa2538cf8c6427d3f1282c71f112f93fe1da7faf

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 23:39:52 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 3481
ETag: 7aa42d045bc9ab601a116186789acb83
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 29826
X-Amz-Cf-Id: IGhQztUlzAZ1xVGfWM1jLR848sKoXHWkSHD8Nl2Yk68JGYpLf2w2Rg==
Expires: Wed, 27 Jul 2022 23:39:53 GMT

GET
H/1.1 200
OK /
arizent.brightspotcdn.com/dims4/default/7e2d639/2147483647/strip/true/crop/3998x2251+0+208/resize/460x259!/quality/90/ 39 KB
39 KB 31ms
29ms Image
image/jpeg 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/dims4/default/7e2d639/2147483647/strip/true/crop/3998x2251+0+208/resize/460x259!/quality/90/?url=https%3A%2F%2Fsource-media-brightspot.s3.amazonaws.com%2F22%2Fd9%2Fa9f089774c6b89c2cb049a9279fa%2F348177193.jpg
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 8fd0bbce7aee59bd54afd2160062cf4d80a8f2362b8a3a921ecb918fe1e5570f

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 21:27:10 GMT
Via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 11443
ETag: 7e9283717adb3696c96e78e3bbf04aa3
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 39885
X-Amz-Cf-Id: vcESodi6EvQGkwNEEhkTko7PZX_6ZRy7kvVOklZ2YjmqH-cdDjEddg==
Expires: Wed, 27 Jul 2022 21:27:11 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 115 KB
27 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 02ecc41396deceff7171d92beb888d87bb194882f1a5e7613952214f1e867d1e

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Jul 2021 15:19:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27772
Expires: Wed, 28 Jul 2021 01:37:54 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 602 KB
132 KB 24ms
6ms Script
text/javascript 2a02:26f0:6c00:19c::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/71453/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ade877f59659e001e030bcf424ecf75febaf1574fbe15e3a77d8055871f53097

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: CARCJVSS531FEBBV
content-length: 134103
x-amz-id-2: qF7dolmxCy2JsQYnNp1mOYP0xgWo5ZPtJBg1d65lFyxWwX2s2UnXy5XiZlQYR44T7TFVpSn64tg=
last-modified: Mon, 26 Jul 2021 12:16:38 GMT
etag: "41bc5ccb2ce47d27dd73ee9f28428ed6"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 8
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 28 Jul 2021 01:07:54 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 407ms
100ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1627432674146&plid=89341942&idsite=americanbanker.com&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22undefined%22%7D&sid=1&surl=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&sref=&sts=1627432674139&slts=0&title=What+Sengupta%27s+departure+means+for+Google%27s+payments+business+%7C+PaymentsSource+%7C+American+Banker&date=Wed+Jul+28+2021+02%3A37%3A54+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=48024458&u=pid%3D5d6d8b17a647105c0a84007bfedf1a76
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:54 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 28-Jul-2021 00:37:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 81ms
72ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=817&ts=1627432674216&env=js-web&pageId=71453&pid=77226&auctid=08e1a370-da56-66e3-16e5-ab18198f2377&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 80ms
71ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=08e1a370-da56-66e3-16e5-ab18198f2377&pageId=71453&pid=77226&debug_metadata=MNE9Kq6irn&fv=817&ts=1627432674218&f=1&referer=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 78ms
69ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=08e1a370-da56-66e3-16e5-ab18198f2377&pageId=71453&pid=77226&slot=corner&fv=817&ts=1627432674224&f=1&referer=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 http-source
s8t.teads.tv/logs/format/ 0
0 40ms
40ms Image
text/plain 2a02:26f0:6c00:19c::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/format/http-source?%5B817%7Cd%7CWindows%7C10%7CChrome%7C89%7Cweb%7C%7C%5D%5B77226%7C%7C%5D%5Binfo%5D%20ccpa-iab-consent%200%202
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-max-age: 86400
access-control-allow-methods: GET,POST

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1627432674228&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1627432674228&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

64 B
329 B

64ms
63ms

Image
image/gif

65.9.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1627432674228&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=89362683&cs_ucfr=
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ys2TrDmhOKzKvhGAc54DDIy-cgrM0XXhWHkH7B2IEACA2MOqCa0Kgg==

Redirect headers

date: Wed, 28 Jul 2021 00:37:54 GMT
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1627432674228&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=89362683&cs_ucfr=
content-length: 302
x-amz-cf-id: E4VRq5aiG4YFe1D91Q29YtAgVKjd7bHn8vXgrqkhCO1sL4GU1JYmVw==

GET
H2 200 ad Show response
a.teads.tv/page/71453/ 518 B
568 B 90ms
90ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/71453/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&page=%7B%22id%22%3A71453%2C%22placements%22%3A%5B%7B%22id%22%3A77226%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A523%2C%22height%22%3A294%7D%2C%22slotType%22%3A%22corner%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=08e1a370-da56-66e3-16e5-ab18198f2377&formatVersion=817&env=js-web&netBw=9.2&ttfb=337
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 026d3f8c6184c7ab4876718402e72e436ee8ffcec124688c5a21ab09c25e587b

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.americanbanker.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 356
expires: Wed, 28 Jul 2021 00:37:54 GMT

POST
H3-29 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 164 KB
23 KB 187ms
171ms XHR
application/json 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d3525c2cb0074cbe4bff3bd293ab8d68f92efa8c07ef508829566419009046e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C63jxwqZonj
pragma: no-cache
wn: prod-exp-10-0-91-227
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 675a0aa66d801786-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=783379586078&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVk...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=783379586078&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6I...

2 KB
2 KB

94ms
93ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=783379586078&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&loc=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fcb2f294b4f8e6cd49796be296dcb143d934e89d91475963ecd36912cad1f688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1247
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=783379586078&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&loc=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 track
t.teads.tv/ 23 B
143 B 71ms
70ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=77226&pageId=71453&auctid=08e1a370-da56-66e3-16e5-ab18198f2377&vid=60a626ad4a2bd57a3b93c24fbce0e5e6addbdf5a&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&cts=1627432674283&cs=588570680121127112005&fv=817&ts=1627432674322&referer=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 330 B
569 B 150ms
53ms XHR
application/json 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAdbdaf74d8-2743-4db9-8b13-2b1c58dc90c1,ss:%5B970.91,970.90,970.250,728.90,320.50,300.250%5D,p:/16059533/AmericanBanker/Payments/Article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=24779b1c-69d1-cdcb-6d66-54e51465cfb6&url=https%253A%252F%252Fwww.americanbanker.com%252Fpayments%252Fnews%252Fwhat-senguptas-departure-means-for-googles-payments-business%252316164755323392%2526amp%253B%257B%252522sender%252522%253A%252522offer-0-HIVyb%252522%252C%252522displayMode%252522%253A%252522modal%252522%252C%252522recipient%252522%253A%252522opener%252522%252C%252522event%252522%253A%252522resize%252522%252C%252522params%252522%253A%257B%252522width%252522%253A500%252C%252522height%252522%253A0%252C%252522iframeId%252522%253A%252522offer-0-HIVyb%252522%257D%257D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 91c87779371c1a7375efa0f5737374dd07b3a3d96c9ec1adcde1cf2071e086bd

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
x-server-name: app17.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

POST
H3-29 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 551 B
833 B 167ms
149ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68db4e8078f774c882c1fcfcd40f09d87deab50847abc870e1cd01d43901ef4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C63jxwqXstU
pragma: no-cache
wn: prod-dash-10-0-132-127
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-ray: 675a0aa7cd3fc2f4-FRA
expires: 0

GET
H3-29 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame D8FD 10 KB
3 KB 29ms
28ms Document
text/html 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e6378ee18eebd27e4ad909368e89e6a236518e8fc51eed9fe42fcabba661b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: JSESSIONID=D6D0E92AF9A78C8B6FCC95B1A85DA7DE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Wed, 28 Jul 2021 03:37:54 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.007
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-115-103
x-forwarded-https: on
x-request-id: C1eixwqZc5l
x-xss-protection: 0
cf-cache-status: HIT
age: 905
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 675a0aa7be501786-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 550 B
831 B 144ms
139ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc9e27271d22a438a52ede05be19d3ba0ee32c13782dd2ea2b47f4d28e27f9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C63jxwq1dm8
pragma: no-cache
wn: prod-dash-10-0-112-60
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 675a0aa7cd41c2f4-FRA
expires: 0

GET
H3-29 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame E9D5 13 KB
4 KB 20ms
20ms Document
text/html 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3723bfba93c48760cfef108cddcabe3f9e57271495b008d185421d9daf9d48f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: JSESSIONID=D6D0E92AF9A78C8B6FCC95B1A85DA7DE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Wed, 28 Jul 2021 03:37:54 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.006
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-122-166
x-forwarded-https: on
x-request-id: C8eixwq9l4W
x-xss-protection: 0
cf-cache-status: HIT
age: 898
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 675a0aa7ce591786-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 550 B
867 B 117ms
117ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a018b16e6a1ff36193038c0dad70c6058eaa9c5e43a407454da66f72dcd8ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C63jxwquj3X
pragma: no-cache
wn: prod-dash-10-0-135-93
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 675a0aa7dd45c2f4-FRA
expires: 0

GET
H3-29 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 8214 9 KB
3 KB 21ms
21ms Document
text/html 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df780e6bdd0ca66d35501ad4ba6a9d82bf735c470f9506ea27c9544317a23e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: JSESSIONID=D6D0E92AF9A78C8B6FCC95B1A85DA7DE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Wed, 28 Jul 2021 03:37:54 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.009
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-122-166
x-forwarded-https: on
x-request-id: Cw2fxwqtgPl
x-xss-protection: 0
cf-cache-status: HIT
age: 5194
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 675a0aa7de5e1786-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 226ms
50ms Script
application/javascript 65.9.98.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.98.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:30:20 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 16:29:57 GMT
server: AmazonS3
age: 455
etag: W/"6f6cd12e9b9fb6a70e03f3fc2cae03a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: jtRTxZjrYWuipqvkLvhQB7gRBOZdKoNTjTfhW130W_v_BMYT_Haruw==

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame AB98 2 KB
2 KB 93ms
92ms Document
text/html 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&rnd=1959318285&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fpayments%2fnews%2fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3b%7b%2522sender%2522%3a%2522offer-0-HIVyb%2522%2c%2522displayMode%2522%3a%2522modal%2522%2c%2522recipient%2522%3a%2522opener%2522%2c%2522event%2522%3a%2522resize%2522%2c%2522params%2522%3a%7b%2522width%2522%3a500%2c%2522height%2522%3a0%2c%2522iframeId%2522%3a%2522offer-0-HIVyb%2522%7d%7d

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

eb7983d2341e3c5a4f7fc33d9b8b490857187164e114ab36896886845d512206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: a2.adform.net
:scheme: https
:path: /serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&rnd=1959318285&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fpayments%2fnews%2fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3b%7b%2522sender%2522%3a%2522offer-0-HIVyb%2522%2c%2522displayMode%2522%3a%2522modal%2522%2c%2522recipient%2522%3a%2522opener%2522%2c%2522event%2522%3a%2522resize%2522%2c%2522params%2522%3a%7b%2522width%2522%3a500%2c%2522height%2522%3a0%2c%2522iframeId%2522%3a%2522offer-0-HIVyb%2522%7d%7d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=9146429097182601575; CM=1|1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

server: nginx
date: Wed, 28 Jul 2021 00:37:54 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 8AC7 5 KB
2 KB 214ms
47ms Document
text/html 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=783379586078&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&loc=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

5704029b26dbb14608c6ca98ce8b6a64ef2a0b46fb1a54b768324b13276ad539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=9146429097182601575; CM=1|1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

server: nginx
date: Wed, 28 Jul 2021 00:37:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: CM14=1627519074_1627432674_1_Hu7u4e4e4e7u7u4REREeERERERHhEA; expires=Wed, 11 Aug 2021 00:37:54 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
344 B 214ms
47ms Image
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=9146429097182601575&stamp=wAEzyH5ts6EDvP-67D9Y4w2

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Jul 2021 00:37:54 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ 43 B
469 B 198ms
40ms Image
image/gif 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=krmre7zokirvjl2y&sid=1141965811121236457&loc=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&new=0&arf=0&ltm=1627432674163&ref=&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=krmre8dvgy0iq4nw&ckp=krmre802lrwz76yd&glb=&wsz=1600x1200&amo=1622560986.423&cp_userState=anon&cp_ver=2.44&cp_testGroup=8
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.165 Eichendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H3-29 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame E9D5 33 KB
6 KB 35ms
34ms Stylesheet
text/css 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 4651
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-92-171
last-modified: Tue, 27 Jul 2021 10:06:02 GMT
server: cloudflare
etag: W/"33843-1627380362000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 675a0aa7fe731786-FRA
expires: Wed, 28 Jul 2021 02:37:54 GMT

GET
H3-29 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame E9D5 34 KB
7 KB 118ms
117ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=XUnXNMUrFF&version=1619704701000&language=en_US

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C63jxwqWTsf
pragma
wn: prod-dash-10-0-88-61
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 675a0aa7fe751786-FRA
expires: Wed, 28 Jul 2021 20:37:54 EDT

GET
H3-29 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame E9D5 55 KB
11 KB 29ms
28ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.264.0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab33c235c670da8c30b661bd6f4315ca5b2c2774857c10cfa050b27c7a8a4b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 53589
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-132-127
last-modified: Mon, 26 Jul 2021 15:19:42 GMT
server: cloudflare
etag: W/"56811-1627312782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 675a0aa7fe771786-FRA
expires: Thu, 29 Jul 2021 00:37:54 GMT

GET
H3-29 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame E9D5 513 KB
154 KB 42ms
41ms Script
text/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760499e3b8003baafc3b3eeb5a7ba842e46c9495c64488723c7c62a6233124bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3175
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-135-93
last-modified: Tue, 27 Jul 2021 10:06:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.002
cache-control: public, max-age=601625
x-optimized-by: _sam
cf-ray: 675a0aa7fe781786-FRA
expires: Tue, 03 Aug 2021 23:44:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame E9D5 5 KB
531 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9062b283108aee3d80a32cada8435bd6e2b642f3532de4ec9460136e98d6bc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 00:01:53 GMT
server: ESF
date: Wed, 28 Jul 2021 00:37:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 00:37:54 GMT

GET
H2 200 americanbanker3x.png
images.newsletters.sourcemedia.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/ Frame E9D5 8 KB
9 KB 64ms
7ms Image
image/png 2600:9000:21f3:be00:8:2b19:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.newsletters.sourcemedia.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/americanbanker3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:be00:8:2b19:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
etag: "19d4923e2aa582a437a134b96bfaf2e3"
last-modified: Mon, 03 Jun 2019 20:35:59 GMT
server: AmazonS3
age: 1250773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
date: Tue, 13 Jul 2021 13:11:42 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 8610
x-amz-cf-id: XMJipYgEBe1CKtb5-9KHm2knEESWkf9O33u_ei49gbh4QHygTUfbpw==

GET
H/1.1 200
OK icon-arrow-down-show-3x.png
source-media-brightspot-lower.s3.amazonaws.com/de/55/86a18aa047308959b772cc9fe6c0/ Frame E9D5 1 KB
2 KB 433ms
122ms Image
image/png 52.216.83.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://source-media-brightspot-lower.s3.amazonaws.com/de/55/86a18aa047308959b772cc9fe6c0/icon-arrow-down-show-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.83.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3c1db1885b0f1d07ded84a1dd2b4aa9e5a150e74c37c6f27e9ad9e76820ee84

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:56 GMT
Last-Modified: Wed, 14 Apr 2021 20:08:55 GMT
Server: AmazonS3
x-amz-request-id: RSEVNS988GR8M0MA
ETag: "03078169ee60acf0e5340c8df1a668d9"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 1205
x-amz-id-2: hfwzdwVsY7aAxkx5Ye7ErpTJO/W0HsphFFgG9TtNmr8dYn1jocGNnEtgSxoJDlXYTFvR7J3DorU=

GET
H/1.1 200
OK icon-checkmark-benefits-3x.png
source-media-brightspot-lower.s3.amazonaws.com/e6/5a/cf83bdcb4154966bba0142ee706f/ Frame E9D5 737 B
1 KB 418ms
120ms Image
image/png 52.216.83.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://source-media-brightspot-lower.s3.amazonaws.com/e6/5a/cf83bdcb4154966bba0142ee706f/icon-checkmark-benefits-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.83.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5369beacf41380e4c6215ba0e5c1fbf7f454dfd686276b0559b1caf04584ea65

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:56 GMT
Last-Modified: Wed, 14 Apr 2021 20:05:44 GMT
Server: AmazonS3
x-amz-request-id: RSEM3CT3DXPVPF88
ETag: "c8e2d9524224f461e3d5a82b9a071f28"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 737
x-amz-id-2: FMR+nkD3yRhZNb9U/pFH9mJjNhOUrUBM9zErNcze7fwyTnt4vXIvqArIn9Ke4Sh/rlb6dRjns+E=

GET
H3-29 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame D8FD 33 KB
6 KB 22ms
21ms Stylesheet
text/css 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 4651
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-92-171
last-modified: Tue, 27 Jul 2021 10:06:02 GMT
server: cloudflare
etag: W/"33843-1627380362000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 675a0aa7fe791786-FRA
expires: Wed, 28 Jul 2021 02:37:54 GMT

GET
H3-29 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame D8FD 34 KB
7 KB 137ms
137ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=XUnXNMUrFF&version=1619704701000&language=en_US

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C63jxwqLPfk
pragma
wn: prod-dash-10-0-115-103
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 675a0aa7fe7b1786-FRA
expires: Wed, 28 Jul 2021 20:37:54 EDT

GET
H3-29 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame D8FD 55 KB
11 KB 22ms
21ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.264.0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab33c235c670da8c30b661bd6f4315ca5b2c2774857c10cfa050b27c7a8a4b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 53589
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-132-127
last-modified: Mon, 26 Jul 2021 15:19:42 GMT
server: cloudflare
etag: W/"56811-1627312782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 675a0aa7fe7c1786-FRA
expires: Thu, 29 Jul 2021 00:37:54 GMT

GET
H3-29 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame D8FD 513 KB
154 KB 58ms
57ms Script
text/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760499e3b8003baafc3b3eeb5a7ba842e46c9495c64488723c7c62a6233124bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3175
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-135-93
last-modified: Tue, 27 Jul 2021 10:06:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.002
cache-control: public, max-age=601625
x-optimized-by: _sam
cf-ray: 675a0aa7fe7d1786-FRA
expires: Tue, 03 Aug 2021 23:44:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame D8FD 5 KB
531 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9062b283108aee3d80a32cada8435bd6e2b642f3532de4ec9460136e98d6bc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 23:33:36 GMT
server: ESF
date: Wed, 28 Jul 2021 00:37:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 00:37:54 GMT

GET
H/1.1 200
OK linkedin-social-icon-btn-3x.png
arizent.brightspotcdn.com/d5/4d/fc30ec004720a8da784582ad25c6/ Frame D8FD 562 B
1 KB 33ms
33ms Image
image/png 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/d5/4d/fc30ec004720a8da784582ad25c6/linkedin-social-icon-btn-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d4b7544ef8b7a6db760fd252efaad4cdd33d1dfe0a2383586a98458b4b090ae

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:05:08 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 06 May 2021 04:51:39 GMT
Server: AmazonS3
Age: 23567
ETag: "0a371f0a49c577cedcc086bd5169cb25"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 562
X-Amz-Cf-Id: S0BPfVIJWiQLmmyclClh9Bo122-L0Z0KPOgtSepyOUCWIJ8-suNk0A==

GET
H/1.1 200
OK twiiter-social-icon-btn-3x.png
arizent.brightspotcdn.com/ec/08/9133e2674170a44a362ecbef59fd/ Frame D8FD 904 B
1 KB 33ms
33ms Image
image/png 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/ec/08/9133e2674170a44a362ecbef59fd/twiiter-social-icon-btn-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d84b4826439e5fec8c6e40c70b76f0a3e9d0978e74c4988da8a42250d656bee1

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:05:08 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 06 May 2021 05:01:42 GMT
Server: AmazonS3
Age: 23567
ETag: "1b1e1c9c5d0dc860ebdd57853453fc17"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 904
X-Amz-Cf-Id: GgQvQxY_z9dB5-JGzK4n7ihnwmfWSxd4JlGVPSpw8034geYFJgSyGA==

GET
H/1.1 200
OK facebook-social-icon-btn-3x.png
arizent.brightspotcdn.com/58/75/66da657241f7bd50f2d3c435c824/ Frame D8FD 402 B
904 B 36ms
35ms Image
image/png 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/58/75/66da657241f7bd50f2d3c435c824/facebook-social-icon-btn-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTLPLIW4RFBD&offerId=fakeOfferId&experienceId=EXFVN42ECAA4&iframeId=offer_f5861de675386399a3c8-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe9ba222e604fb3c387015541377b3fa29d19a2e708ddc9958b2d2abb87882c4

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:05:08 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 06 May 2021 05:02:29 GMT
Server: AmazonS3
Age: 23567
ETag: "6f1c7a736c6422ba630e6c469f8b3c1d"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 402
X-Amz-Cf-Id: 3z4U9vZ8Ika4xSIwapMQXBxAcjAf6NoM0s5vsJwx2xO2rMlc_a372g==

GET
H3-29 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 8214 33 KB
6 KB 20ms
20ms Stylesheet
text/css 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 4651
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-92-171
last-modified: Tue, 27 Jul 2021 10:06:02 GMT
server: cloudflare
etag: W/"33843-1627380362000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 675a0aa7fe811786-FRA
expires: Wed, 28 Jul 2021 02:37:54 GMT

GET
H3-29 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 8214 34 KB
7 KB 112ms
112ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=XUnXNMUrFF&version=1619704701000&language=en_US

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C63jxwqBAIa
pragma
wn: prod-dash-10-0-9-12
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 675a0aa7fe821786-FRA
expires: Wed, 28 Jul 2021 20:37:54 EDT

GET
H3-29 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 8214 55 KB
11 KB 20ms
20ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.264.0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab33c235c670da8c30b661bd6f4315ca5b2c2774857c10cfa050b27c7a8a4b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 53589
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-132-127
last-modified: Mon, 26 Jul 2021 15:19:42 GMT
server: cloudflare
etag: W/"56811-1627312782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 675a0aa7fe831786-FRA
expires: Thu, 29 Jul 2021 00:37:54 GMT

GET
H3-29 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 8214 513 KB
154 KB 43ms
43ms Script
text/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760499e3b8003baafc3b3eeb5a7ba842e46c9495c64488723c7c62a6233124bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3175
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-135-93
last-modified: Tue, 27 Jul 2021 10:06:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.002
cache-control: public, max-age=601625
x-optimized-by: _sam
cf-ray: 675a0aa7fe841786-FRA
expires: Tue, 03 Aug 2021 23:44:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 8214 5 KB
531 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9062b283108aee3d80a32cada8435bd6e2b642f3532de4ec9460136e98d6bc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 23:20:49 GMT
server: ESF
date: Wed, 28 Jul 2021 00:37:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 00:37:54 GMT

GET
H2 200 americanbanker3x.png
images.newsletters.sourcemedia.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/ Frame 8214 8 KB
9 KB 65ms
8ms Image
image/png 2600:9000:21f3:be00:8:2b19:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.newsletters.sourcemedia.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/americanbanker3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTXTWIP3RVAY&offerId=fakeOfferId&experienceId=EXT2DU62YJP3&iframeId=offer_47114cb451c84b956915-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:be00:8:2b19:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
etag: "19d4923e2aa582a437a134b96bfaf2e3"
last-modified: Mon, 03 Jun 2019 20:35:59 GMT
server: AmazonS3
age: 1250773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
date: Tue, 13 Jul 2021 13:11:42 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 8610
x-amz-cf-id: vZ22Z5NTTZZvDWzrG8ic0KIIrFjIajei1H9JSvAFQJQD-nbDb6HOAQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 330 B
568 B 53ms
53ms XHR
application/json 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAd758e0588-9521-4895-a438-43fa6c332288,ss:%5B300.250,300.600,300.1050%5D,p:/16059533/AmericanBanker/Payments/Article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=24779b1c-69d1-cdcb-6d66-54e51465cfb6&url=https%253A%252F%252Fwww.americanbanker.com%252Fpayments%252Fnews%252Fwhat-senguptas-departure-means-for-googles-payments-business%252316164755323392%2526amp%253B%257B%252522sender%252522%253A%252522offer-0-HIVyb%252522%252C%252522displayMode%252522%253A%252522modal%252522%252C%252522recipient%252522%253A%252522opener%252522%252C%252522event%252522%253A%252522resize%252522%252C%252522params%252522%253A%257B%252522width%252522%253A500%252C%252522height%252522%253A0%252C%252522iframeId%252522%253A%252522offer-0-HIVyb%252522%257D%257D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 301dee4d2496e2a4214aad44e7132eda24bb33cd949cc6313c6069e8f94786a6

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
x-server-name: app16.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 330 B
568 B 54ms
54ms XHR
application/json 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAda5524e52-9aec-4a6a-8c29-be229c4d4d6b,ss:%5B300.250,300.600%5D,p:/16059533/AmericanBanker/Payments/Article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=24779b1c-69d1-cdcb-6d66-54e51465cfb6&url=https%253A%252F%252Fwww.americanbanker.com%252Fpayments%252Fnews%252Fwhat-senguptas-departure-means-for-googles-payments-business%252316164755323392%2526amp%253B%257B%252522sender%252522%253A%252522offer-0-HIVyb%252522%252C%252522displayMode%252522%253A%252522modal%252522%252C%252522recipient%252522%253A%252522opener%252522%252C%252522event%252522%253A%252522resize%252522%252C%252522params%252522%253A%257B%252522width%252522%253A500%252C%252522height%252522%253A0%252C%252522iframeId%252522%253A%252522offer-0-HIVyb%252522%257D%257D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 801d35b88be9b52fbcbdda294f7ce35512b7c0969f7221bba37ba066f6f2dace

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
x-server-name: app24.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.americanbanker.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
8 KB 103ms
66ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1934936515445686&correlator=302536034780734&output=ldjh&impl=fif&eid=31060439%2C31061805%2C31062010%2C21068030%2C31061843%2C20211866&vrg=2021072402&ptt=17&sc=1&sfv=1-0-38&ecs=20210728&iu_parts=16059533%2CAmericanBanker%2CPayments%2CArticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x91&prev_scp=pos%3Dcollapsed_header1%26id%3D0c25768c-ef3c-11eb-b96c-0289e6fd96ae%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40&eri=1&cust_params=topics%3Dpayment-methods%252Cdigital-payments%252Cpayments%252Cgoogle%26storyID%3D00000178-5b13-d0a3-a979-5fb308070001%26organization%3Dgoogle%26PID%3Dnull%26ZetaSegments%3Dnull%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3Dmedium%26hat%3DveryLow%26off%3Dlow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627432674&dt=1627432674625&dlt=1627432673115&idt=791&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=104&adks=3903159866&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x40&msz=728x40&ga_vid=680092930.1627432674&ga_sid=1627432675&ga_hid=246666925&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a6bd2edc70ad4d3c61ba9d86c1853b241bb3003499b869c91a2c70832c08bbf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8223
x-xss-protection: 0
google-lineitem-id: 5728936480
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138357128627
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D95 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 28 Jul 2021 00:37:54 GMT
expires: Thu, 28 Jul 2022 00:37:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 92ms
73ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1934936515445686&correlator=302536034780734&output=ldjh&impl=fif&eid=31060439%2C31061805%2C31062010%2C21068030%2C31061843%2C20211866&vrg=2021072402&ptt=17&sc=1&sfv=1-0-38&ecs=20210728&iu_parts=16059533%2CAmericanBanker%2CPayments%2CArticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600%7C300x1050&prev_scp=pos%3Dbigbox1%26id%3D0c26aed0-ef3c-11eb-ba94-067f141e2336%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40&eri=1&cust_params=topics%3Dpayment-methods%252Cdigital-payments%252Cpayments%252Cgoogle%26storyID%3D00000178-5b13-d0a3-a979-5fb308070001%26organization%3Dgoogle%26PID%3Dnull%26ZetaSegments%3Dnull%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3Dmedium%26hat%3DveryLow%26off%3Dlow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627432674&dt=1627432674647&dlt=1627432673115&idt=791&frm=20&biw=1600&bih=1200&oid=3&adxs=1070&adys=185&adks=2501063575&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=301x1191&msz=301x290&ga_vid=680092930.1627432674&ga_sid=1627432675&ga_hid=246666925&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

297eecd2ee065b9005e8811876f4e7ab1b86db81ffdd61e1e153a6ea6a1ec423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8622
x-xss-protection: 0
google-lineitem-id: 5680235680
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348011648
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 487 B
290 B 83ms
71ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1934936515445686&correlator=302536034780734&output=ldjh&impl=fif&eid=31060439%2C31061805%2C31062010%2C21068030%2C31061843%2C20211866&vrg=2021072402&ptt=17&sc=1&sfv=1-0-38&ecs=20210728&iu_parts=16059533%2CAmericanBanker%2CPayments%2CArticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dbigbox2%26id%3D0c272467-ef3c-11eb-a5b0-02cb850ca5c2%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40&eri=1&cust_params=topics%3Dpayment-methods%252Cdigital-payments%252Cpayments%252Cgoogle%26storyID%3D00000178-5b13-d0a3-a979-5fb308070001%26organization%3Dgoogle%26PID%3Dnull%26ZetaSegments%3Dnull%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3Dmedium%26hat%3DveryLow%26off%3Dlow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627432674&dt=1627432674654&dlt=1627432673115&idt=791&frm=20&biw=1600&bih=1200&oid=3&adxs=1070&adys=475&adks=1957135036&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=301x1441&msz=301x290&ga_vid=680092930.1627432674&ga_sid=1627432675&ga_hid=246666925&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3f5f8861a14d4d2e3231253719aeaa8eabb79948235e4ae3f8a2416b45e564eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
18 B 60ms
6ms Ping
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarya1nTofRxKn6119Pu

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 28 Jul 2021 00:37:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.americanbanker.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 8214 2 KB
3 KB 21ms
19ms Image
image/png 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
cf-cache-status: HIT
age: 4649
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-94-99
last-modified: Tue, 27 Jul 2021 12:07:50 GMT
server: cloudflare
etag: W/"2177-1627387670000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.001
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 675a0aa90f331786-FRA
expires: Wed, 28 Jul 2021 02:37:54 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 8214 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 87673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 8214 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 57812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

GET
H2 200 americanbanker3x.png
images.newsletters.sourcemedia.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/ Frame E9D5 8 KB
9 KB 7ms
6ms Image
image/png 2600:9000:21f3:be00:8:2b19:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.newsletters.sourcemedia.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/americanbanker3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:be00:8:2b19:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
etag: "19d4923e2aa582a437a134b96bfaf2e3"
last-modified: Mon, 03 Jun 2019 20:35:59 GMT
server: AmazonS3
age: 1250773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
date: Tue, 13 Jul 2021 13:11:42 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 8610
x-amz-cf-id: mS1aWFTGetCQC6BkeNmOgG2bHtm4pleBeGil_S7byWFpYW3wBVHCXg==

GET
H3-29 200 container.html Show response
2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FFF5 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 28 Jul 2021 00:37:54 GMT
expires: Thu, 28 Jul 2022 00:37:54 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Wed, 28 Jul 2021 00:37:54 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6A9 0
0 66ms
65ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue_HIwIovCRK0mlKszNXf11WLoI4hNdA4qZ7KR4F4OxrgTGS8-nKbuELMgwf4zWI2rUOd-RtQnU1iiYkouCJbvoZvjYPMqoopfw94ggFrnTwjKZqHDowhbGJ3tq2g43_gzgi5czLdCX4EfUtcf4smu_K2pETYhpH4hdwlfvlR4pQzGw5t2q-ILf17NLRUZGsmlQg3q4Y1mdmB9r8bfKR3phr1mRt8aY8jqmBjn1hoUOnmZ3kNWeU7AhkYKnpx6U5HH0chZ_X7bJVBOfHT_8yy3D52qx9GiIMr0cZihnQAZ5s7USQ-BWR4rDgepwHyxKY82SznIDZuPGTmlgZE1hIg7euVscDZB&sig=Cg0ArKJSzHTgkE_J-VwHEAE&adurl=

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 00:37:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame B6A9 2 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 00:25:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6A9 124 KB
37 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Wed, 28 Jul 2021 00:37:54 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B6A9 0
0 14ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSL_tpUQh6c-H8MZXUHxbLkCyPg9JTKuXcqxHv360g7fuFyVoqCgQcUQE8cgXlrtU_e05sk
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 12159268888774279370
tpc.googlesyndication.com/simgad/ Frame B6A9 68 KB
68 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12159268888774279370

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f69442d82e5c60eb36ff44fa4cc08f941a7cd522aa3d39f0ebf070eca81cc6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:43:51 GMT
x-content-type-options: nosniff
age: 10443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69772
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 18:25:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:43:51 GMT

GET
H3-29 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame E9D5 2 KB
3 KB 27ms
27ms Image
image/png 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
cf-cache-status: HIT
age: 4649
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-94-99
last-modified: Tue, 27 Jul 2021 12:07:50 GMT
server: cloudflare
etag: W/"2177-1627387670000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.001
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 675a0aa9af961786-FRA
expires: Wed, 28 Jul 2021 02:37:54 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame E9D5 23 KB
23 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 87673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame E9D5 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 57812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8340039968546267958&pixelIndex=0&_=1627432674065
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8340039968546267958&pixelIndex=0&_=1627432674065&google_gid=CAESEBx4N5guojPMBnte48U5Hio&google_cver=1

0
598 B

101ms
100ms

Script
text/javascript

3.224.4.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8340039968546267958&pixelIndex=0&_=1627432674065&google_gid=CAESEBx4N5guojPMBnte48U5Hio&google_cver=1
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.4.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8340039968546267958&pixelIndex=0&_=1627432674065&google_gid=CAESEBx4N5guojPMBnte48U5Hio&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 72ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8340039968546267958
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3-29 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame D8FD 2 KB
3 KB 42ms
41ms Image
image/png 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
cf-cache-status: HIT
age: 4649
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-94-99
last-modified: Tue, 27 Jul 2021 12:07:50 GMT
server: cloudflare
etag: W/"2177-1627387670000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.001
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 675a0aaa1fea1786-FRA
expires: Wed, 28 Jul 2021 02:37:54 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame D8FD 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 87673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6A9 0
0 100ms
64ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFmhkoB4WFwmVzh0k-ivHIWZSCZEcr8L6dHs1B-PwI_Npqk852p_K9u3kV4saDU4aH0elreV3LmLPRdLZQmwzVrlZ3-e0kalvfufPjQLTdB0nZ2e1XWUN_Tw02M1aOLOMRAphZcXSmgzePoinJMOCsB-MkQ0XH8QuREDYytI_f4leQWP3OoafYd9M-972r33x3Uy8I__i_J1_4JrWwNd7pilVxKFYj0-_YTl-Kl5Y2FsfqysrBUALyTizWBdlL611IChxXu_sP1saT_vxmcuTRzg_p9XpI0uEY-RrHbqn2MP84anAz0tBy3FgIw1xKKZFeeVqBOSOWR0y1lrz-OgEc_XSsLpNxwQI&sig=Cg0ArKJSzEYEZxLW9FL7EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 00:37:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 28 Jul 2021 00:37:55 GMT

GET
DATA 200
OK truncated
/ Frame B6A9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ae0c0bb903c76e83981c8465b551fc28230379fbd818d18b411b13e59dea93d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 128A 46 KB
13 KB 178ms
79ms Script
application/javascript 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=4456012746&chanId=22401786010&placementId=5680235680&pubCreative=138348011648&pubOrder=2850669722&cb=796612269&custom=bigbox1&adsafe_par&impId=0c26aed0-ef3c-11eb-ba94-067f141e2336&custom3=
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e25bafcf455ab6fd80b85c71b580881cfa40d9e463ba45231fcba53a380f6d3

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame AB98 43 B
949 B 87ms
28ms Image
image/gif 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1472086&t=2

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&rnd=1959318285&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fpayments%2fnews%2fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3b%7b%2522sender%2522%3a%2522offer-0-HIVyb%2522%2c%2522displayMode%2522%3a%2522modal%2522%2c%2522recipient%2522%3a%2522opener%2522%2c%2522event%2522%3a%2522resize%2522%2c%2522params%2522%3a%7b%2522width%2522%3a500%2c%2522height%2522%3a0%2c%2522iframeId%2522%3a%2522offer-0-HIVyb%2522%7d%7d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
X-Proxy-Origin: 89.40.183.208; 89.40.183.208; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 66e231bb-8c6b-4a79-a588-794e4d42f6dc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
ib.adnxs.com/ Frame AB98 43 B
1021 B 30ms
29ms Image
image/gif 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?add=26609450

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:54 GMT
X-Proxy-Origin: 89.40.183.208; 89.40.183.208; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 122eee59-9127-4640-be78-970dcc52fb25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame AB98 24 KB
9 KB 23ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&rnd=1959318285&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fpayments%2fnews%2fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3b%7b%2522sender%2522%3a%2522offer-0-HIVyb%2522%2c%2522displayMode%2522%3a%2522modal%2522%2c%2522recipient%2522%3a%2522opener%2522%2c%2522event%2522%3a%2522resize%2522%2c%2522params%2522%3a%7b%2522width%2522%3a500%2c%2522height%2522%3a0%2c%2522iframeId%2522%3a%2522offer-0-HIVyb%2522%7d%7d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 04 Aug 2021 00:37:54 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 8AC7 0
261 B 46ms
45ms Image
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 8AC7
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=9146429097182601575&Expiration=1628642274
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=9146429097182601575&Expiration=1628642274

43 B
423 B

37ms
36ms

Image
image/gif

52.29.9.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=9146429097182601575&Expiration=1628642274
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.9.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Jul 2021 00:37:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=9146429097182601575&Expiration=1628642274
date: Wed, 28 Jul 2021 00:37:55 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 8AC7 0
360 B 127ms
46ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=9146429097182601575

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 27 Jul 2021 00:37:55 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 8AC7 0
214 B 123ms
31ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8AC7
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9146429097182601575&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9146429097182601575&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=e24ae78509784c448...
https://c1.adform.net/serving/cookie/match?party=9&uid=dc2cc891a982e969d999d41485a4f011bf75f82b8c9e008a05ac7bb232e56370

35 B
468 B

46ms
45ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=dc2cc891a982e969d999d41485a4f011bf75f82b8c9e008a05ac7bb232e56370

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=dc2cc891a982e969d999d41485a4f011bf75f82b8c9e008a05ac7bb232e56370
date: Wed, 28 Jul 2021 00:37:55 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 8AC7 43 B
163 B 67ms
19ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=9146429097182601575&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:54 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55944/ Frame 8AC7
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=9146429097182601575&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=9146429097182601575&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=9146429097182601575&_origin=1&apid=UP0c73e456-ef3c-11eb-b808-06d5b5baec4e
https://ups.analytics.yahoo.com/ups/55944/sync?uid=9146429097182601575&_origin=1&apid=UP0c73e456-ef3c-11eb-b808-06d5b5baec4e&verify=true

0
1 KB

37ms
37ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=9146429097182601575&_origin=1&apid=UP0c73e456-ef3c-11eb-b808-06d5b5baec4e&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:55 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 28 Jul 2021 00:37:55 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=9146429097182601575&_origin=1&apid=UP0c73e456-ef3c-11eb-b808-06d5b5baec4e&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 8AC7 43 B
713 B 130ms
46ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1627432674789023-559
Expires: Wed, 28 Jul 2021 00:37:55 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8AC7
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=9146429097182601575
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=9146429097182601575
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2629ad56-0db5-4976-8d6e-586583b87e15&gdpr=&gdpr_consent=&gdpr_pd=

1 B
492 B

90ms
28ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2629ad56-0db5-4976-8d6e-586583b87e15&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:55 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:361
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2629ad56-0db5-4976-8d6e-586583b87e15&gdpr=&gdpr_consent=&gdpr_pd=
date: Wed, 28 Jul 2021 00:37:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8AC7
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9146429097182601575&expiration=1628642274
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9146429097182601575&expiration=1628642274&C=1

43 B
1006 B

45ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9146429097182601575&expiration=1628642274&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 28 Jul 2021 00:37:55 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9146429097182601575&expiration=1628642274&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Wed, 28 Jul 2021 00:37:55 GMT

GET
H/1.1

200
OK

semasio
sync.sharethis.com/ Frame 8AC7
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=9146429097182601575&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=9146429097182601575&sInitiator=external
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OTI0NEZBQkE0NDVDQTRFNw&gdpr=&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEEUoVRDAhhaEQQqdAhQbVvE&sInitiator=internal&google_cver=1&gdpr=&gdpr_consent=&google_cver=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=22d75ffe-e9d0-4075-955d-12bd35e70351
https://sync.sharethis.com/semasio?uid=9244FABA445CA4E7&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D
https://l.sharethis.mgr.consensu.org/rd?rurl=https%3A%2F%2Fsync.sharethis.com%2Fsemasio%3Fgdpr%3D1%26gdpr_consent%3D%26rd%3D0%26rurl%3Dhttps%253A%252F%252Fuipglob.semasio.net%252Fsharethis%252F1%25...
https://sync.sharethis.com/semasio?gdpr=1&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=9244FABA445CA4E7

42 B
167 B

34ms
34ms

Image
image/gif

52.58.221.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/semasio?gdpr=1&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=9244FABA445CA4E7
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:56 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/semasio?gdpr=1&gdpr_consent=&rd=0&rurl=https%3A%2F%2Fuipglob.semasio.net%2Fsharethis%2F1%2Finfo%3FsType%3Dsync%26sInitiator%3Dinternal%26sExtCookieId%3D&uid=9244FABA445CA4E7
Date: Wed, 28 Jul 2021 00:37:56 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 239
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 8AC7 0
344 B 117ms
28ms Image
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=9146429097182601575&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:55 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 8AC7 0
324 B 102ms
33ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 8AC7 0
0 30ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

tpid=9146429097182601575
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 8AC7
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9146429097182601575
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=9146429097182601575

49 B
736 B

54ms
54ms

Image
image/gif

34.251.130.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.82
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=9146429097182601575
cache-control: no-cache
x-server: 10.45.13.83
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 8AC7 62 B
304 B 273ms
214ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:55 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8AC7
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9146429097182601575
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=9146429097182601575

43 B
180 B

29ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=9146429097182601575
date: Wed, 28 Jul 2021 00:37:55 GMT
via: 1.1 google
server: OXGW/16.211.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 8AC7
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

3232ms
53ms

Image
image/gif

52.218.30.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:59 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: P2MGFF1K9RC7WBR1
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: w4naqj7pz5fP2jooJPl3GT1Ln6Z8tFHnJVoTyLR/m+QdEOf06wGvGwQas+0GClUE5xilnQOEVmM=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 28 Jul 2021 00:37:55 GMT
Server: akka-http/10.2.4
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 8AC7 35 B
248 B 359ms
118ms Image
image/gif 51.79.83.225
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=9146429097182601575&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame 8AC7 43 B
229 B 105ms
34ms Image
image/gif 85.90.246.246
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.90.246.246 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:55 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 8AC7 0
338 B 156ms
49ms Image
text/plain 54.72.233.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.233.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1627432675
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 8AC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTE0NjQyOTA5NzE4MjYwMTU3NQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAVSgOPmGQJax6CGTMUm5fQ&google_cver=1&google_ula=1641347,0

35 B
468 B

46ms
46ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAVSgOPmGQJax6CGTMUm5fQ&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAVSgOPmGQJax6CGTMUm5fQ&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 8AC7 0
261 B 50ms
45ms Image
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 8AC7
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=8340039968546267958&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=9146429097182601575

43 B
994 B

30ms
29ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=9146429097182601575

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
X-Proxy-Origin: 89.40.183.208; 89.40.183.208; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a89dc939-f553-41bc-ac98-a09ff4d60ac9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=9146429097182601575
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 8AC7 42 B
252 B 31ms
29ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:55 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:2136
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 8AC7 43 B
444 B 155ms
50ms Image
image/gif 65.9.96.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:36:47 GMT
Via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 54068
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: PRG50-C1
Content-Length: 43
X-Amz-Cf-Id: 0MsVsqA__KJHtvFNpCJ-6HKipDgG1Yj1bUhmMLwxWs98GGmyh_dW0Q==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 8AC7
Redirect Chain

https://a.audrte.com/a?adform_uid=9146429097182601575
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEFcrLi6W5o4SSjKhM6TiqKI&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=0ahL-BXXBjQRrevwHfapHy4vA&gdpr=0&gdpr_consent=

0
344 B

29ms
29ms

Image
text/plain

18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=0ahL-BXXBjQRrevwHfapHy4vA&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:56 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Wed, 28 Jul 2021 00:37:56 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=0ahL-BXXBjQRrevwHfapHy4vA&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8AC7
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=9146429097182601575&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=9146429097182601575&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=76139189795514788243581955709615183178&noredirect=1

35 B
468 B

46ms
45ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=76139189795514788243581955709615183178&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v012-0db4b2ce0.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: SheMXem9T/E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=76139189795514788243581955709615183178&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 8AC7
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=9146429097182601575
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164910403861000004295

35 B
469 B

179ms
50ms

Image
image/gif

37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164910403861000004295

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164910403861000004295
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 8AC7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6989770119867463832

35 B
477 B

45ms
45ms

Image
image/gif

37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6989770119867463832

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6989770119867463832
Date: Wed, 28 Jul 2021 00:37:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 8AC7 62 B
725 B 203ms
178ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:55 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: d6e3
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8AC7
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=bbe06100-a6e3-4500-b6f0-0acecfc833fa

35 B
468 B

46ms
46ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=bbe06100-a6e3-4500-b6f0-0acecfc833fa

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 28 Jul 2021 00:37:55 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=bbe06100-a6e3-4500-b6f0-0acecfc833fa
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 28 Jul 2021 00:40:00 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8AC7
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=D1nSzSQE1M8xAa5

35 B
468 B

46ms
46ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=D1nSzSQE1M8xAa5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:58 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:58 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-09783869e9eb9ec2d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=D1nSzSQE1M8xAa5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 8AC7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=22d75ffe-e9d0-4075-955d-12bd35e70351

35 B
468 B

44ms
44ms

Image
image/gif

37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=22d75ffe-e9d0-4075-955d-12bd35e70351

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=22d75ffe-e9d0-4075-955d-12bd35e70351
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 8AC7 0
72 B 552ms
137ms Image
text/plain 216.46.185.183
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.183 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 8AC7
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=9146429097182601575
https://id5-sync.com/c/10/10/2/1.gif?puid=9146429097182601575&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAbF4hwS7gCpvzoBXczNv7d5SOqp2pgzWT-V9fA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=9b563459-eee9-470e-ba2a-c37926d5ec69&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDCf3lMsUYoSVJZDBgx2ATA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8340039968546267958&opid=apx&ops=&utidl=tech:goo:CAESEDCf3lMsUYoSVJZDBgx2ATA&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19392991521&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

43 B
1 KB

33ms
33ms

Image
image/gif

51.89.21.31
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A19392991521&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.31 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:37:56 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A19392991521&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
date: Wed, 28 Jul 2021 00:37:57 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 8AC7
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1716725659
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=I./Sbv0CLyllAbIVUFfpNu

35 B
468 B

45ms
44ms

Image
image/gif

37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=I./Sbv0CLyllAbIVUFfpNu

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
via: 1.1 google
last-modified: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=I./Sbv0CLyllAbIVUFfpNu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8AC7 23 B
172 B 1191ms
64ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:56 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 28 Jul 2021 00:37:56 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 8AC7
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=9146429097182601575
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=9146429097182601575&cs=1

35 B
376 B

32ms
32ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=9146429097182601575&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:56 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=9146429097182601575&cs=1
date: Wed, 28 Jul 2021 00:37:56 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 8AC7 0
236 B 181ms
80ms Image
text/plain 65.9.96.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=9146429097182601575
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:56 GMT
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: DfeqRJJ9iqUdraqSu8FZTKGv04_R2uftAM2PJpu0GWpgM6UfNStoEg==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8AC7
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=9146429097182601575&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=9146429097182601575&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=996dc502-6812-4230-b1c3-100a62796c5c

35 B
468 B

46ms
45ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=996dc502-6812-4230-b1c3-100a62796c5c

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=996dc502-6812-4230-b1c3-100a62796c5c
date: Wed, 28 Jul 2021 00:37:56 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 9146429097182601575
match.contentexchange.me/adform/ Frame 8AC7 0
49 B 400ms
47ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/9146429097182601575?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:56 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 8AC7
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=9146429097182601575&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=9146429097182601575&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

41ms
41ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=9146429097182601575&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=9146429097182601575&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 28 Jul 2021 00:37:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 8AC7 0
261 B 48ms
45ms Image
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=9146429097182601575&agencyId=2364&advertiserId=2036267&src=tp&rnd=840189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/ Frame FFF5 18 KB
7 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/abg_lite_fy2019.js

Requested by

Host: 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
URL: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 23:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Aug 2021 23:45:14 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FFF5 22 KB
7 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
URL: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:05:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFF5 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
URL: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Wed, 28 Jul 2021 00:37:55 GMT

GET
H2 200 rules-p-59TDtw8Xc0wSM.js Show response
rules.quantcount.com/ Frame AB98 784 B
1 KB 33ms
10ms Script
application/javascript 2600:9000:2127:4400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-59TDtw8Xc0wSM.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 713fc9f8abe79cb80fc0207cbd722d60746e79796a09a208942691386394473a

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:24:25 GMT
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
age: 1857
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 784
last-modified: Mon, 19 Jul 2021 19:53:53 GMT
server: AmazonS3
etag: "f375410bb18e492a5621549c766bae93"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-amz-cf-id: 1EAKdTsd-usT6rj_QvOrK0sdvl0SJk4iu3G01bIYDGovvZWX0m32qQ==

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame FFF5 109 KB
38 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
URL: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
Referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 11:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 11:01:28 GMT

GET
H2 200 pixel;r=1959111650;labels=_fp.event.American%20Banker%20Easy%20Tag;event=refresh;rf=0;a=p-59TDtw8Xc0wSM;url=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1662401%26lid%3D56730269%26ct...
pixel.quantserve.com/ Frame AB98 35 B
371 B 11ms
10ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1959111650;labels=_fp.event.American%20Banker%20Easy%20Tag;event=refresh;rf=0;a=p-59TDtw8Xc0wSM;url=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1662401%26lid%3D56730269%26ctype%3D0%26media%3D0%26PageName%3DAmerican_Banker%2BUniversal%2BTag%26orderid%3DUNIQUE_ORDER_ID%26sysvars%3D%257corderid%253dUNIQUE_ORDER_ID%257c%257c%257c%2540%2540%257cpid%253dOFFER_ID%257cpnm%253dProductRatePlanName%257c%26itm%3DeyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0%26rnd%3D1959318285%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.americanbanker.com%252fpayments%252fnews%252fwhat-senguptas-departure-means-for-googles-payments-business%252316164755323392%2526amp%253b%257b%252522sender%252522%253a%252522offer-0-HIVyb%252522%252c%252522displayMode%252522%253a%252522modal%252522%252c%252522recipient%252522%253a%252522opener%252522%252c%252522event%252522%253a%252522resize%252522%252c%252522params%252522%253a%257b%252522width%252522%253a500%252c%252522height%252522%253a0%252c%252522iframeId%252522%253a%252522offer-0-HIVyb%252522%257d%257d;ref=https%3A%2F%2Fwww.americanbanker.com%2F;uh=78e1d296268e;uht=2;fpan=1;fpa=P0-1280344164-1627432675077;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=a2.adform.net;je=0;sr=1600x1200x24;dst=1;et=1627432675077;tzo=-120;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/dfp/257653/5039133965/1624649277681/ Frame 4F31 21 KB
5 KB 20ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c184acdc23748c6087cfcc50f01fc844a6448c7bacacf334b1fcfaefa4d98940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/257653/5039133965/1624649277681/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 4682
date: Tue, 27 Jul 2021 07:13:35 GMT
expires: Wed, 28 Jul 2021 07:13:35 GMT
last-modified: Fri, 25 Jun 2021 19:27:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 62660
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FFF5 0
23 B 67ms
65ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyZly0IGV5mn25Mck4vR3YQ5mUHfrwHpISQX036WYZ5PG6qxvac6o5Pf6VqCVGmB3eDC4Y_Wh-8lO3LnaRKIBZWAgNBa83SpLT6Bwp0B_j-j_HeeB0IZqNcoGL6grOgewGGEYpdqKF_3pT27oGWvec_3go9BoA9MfYJH4m--HDKuzNod1HwadoiB5MB3oahbkdulhYEx-H7cGpvSDOJNjJRrvpQLfZtOUYvKS_E60OfRxOOA2tdva7-5yXAsQhLMaJEYib7KrVDU-mdWNo76HmnKbkANA5AX9dpswE_oxf8GZVeoDb_rVP6wnz8JmkOBEIIeKh5wcr5VH-0RZ16arc9DoJUDOa&sig=Cg0ArKJSzLbMv_n69s4QEAE&urlfix=1&adurl=

Requested by

Host: 2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
URL: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 00:37:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 f5ae70c7b9ce9754c86012cadcf930e4.js Show response
s0.2mdn.net/dfp/257653/5039133965/1624649277681/ Frame 4F31 66 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/f5ae70c7b9ce9754c86012cadcf930e4.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

496ec3e52e4bd98885d6bf0621d9557802302dddde718486de6f7782cf5fd900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17357
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:27:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 79a33fdfbe14619fe29042158ce24286.svg
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 8 KB
2 KB 9ms
6ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/79a33fdfbe14619fe29042158ce24286.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e797dacd0cc4f7ed80ba9e7b5f1193a1ea48337f8df3c4291034999823078c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2438
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:27:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 2b4e217db5262207137dee484f5bf94e.png
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 7 KB
7 KB 10ms
6ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/2b4e217db5262207137dee484f5bf94e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

810cc669dd96763a540cc163f0a35b3586d7783f2eaba301395522370055e633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 19:27:57 GMT
server: sffe
age: 62660
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7452
x-xss-protection: 0
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 d5df86c3a3320f017271620e802e67d6.svg
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 5 KB
2 KB 10ms
6ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/d5df86c3a3320f017271620e802e67d6.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5045d2f5cd26bd9292bbe18b5d7ad8f604f8d2a44d9bd011b73e83c0d6e8df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1551
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:27:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 2de839eb458adf1d9eec152aa4f6e648.svg
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 3 KB
996 B 11ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/2de839eb458adf1d9eec152aa4f6e648.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efcdfe14d4069fb8b74cfdb22f7746b3b3258cbfdf1d6ca641ce505ffc40cfbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 972
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:27:58 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 0da844e7ed9b4d0b9cb25084c5f8725d.svg
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 440 B
323 B 12ms
8ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/0da844e7ed9b4d0b9cb25084c5f8725d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17fc9d9a001202c8e0e607e6325d0365cd466547dc3a3e11e3150ea3e00d6792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 299
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:27:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 19bb3b4280399bdb8addd33beb121504.svg
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 4 KB
1 KB 11ms
8ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/19bb3b4280399bdb8addd33beb121504.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6a1b5b9977a38e0c560dede3a05c84af90c17afedf8c78e1e998a8f9b665213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1423
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:27:58 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 8a454284e9d0f33b154503c3db243a16.svg
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 4 KB
1 KB 10ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/8a454284e9d0f33b154503c3db243a16.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2640684636d3984627b6e5266bc1df454b4e5ea6e2b0696d8c68ab6a0b99cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1409
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:27:58 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 d7d0f99b3ab9fa17ae3c02379c8e1fec.svg
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 3 KB
950 B 12ms
10ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/d7d0f99b3ab9fa17ae3c02379c8e1fec.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f4ba4b5a12104d419230d24e6afe83590d70f2b1f8b180a55aab1494a8bbf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 926
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:27:58 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H3-29 200 85c939320aa9d87e14f64b2e832d7bd0.png
s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/ Frame 4F31 15 KB
15 KB 11ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/media/85c939320aa9d87e14f64b2e832d7bd0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34be88f7e32ad4c511f28cb9ac4383cc27d9694e686cdda373c23f40aa36e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/257653/5039133965/1624649277681/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:13:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 19:27:57 GMT
server: sffe
age: 62660
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15001
x-xss-protection: 0
expires: Wed, 28 Jul 2021 07:13:35 GMT

GET
H2 200 main.gr.19.8.217.js Show response
static.adsafeprotected.com/ Frame 128A 183 KB
58 KB 31ms
7ms Script
application/javascript 2600:9000:21f3:1000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.217.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=4456012746&chanId=22401786010&placementId=5680235680&pubCreative=138348011648&pubOrder=2850669722&cb=796612269&custom=bigbox1&adsafe_par&impId=0c26aed0-ef3c-11eb-ba94-067f141e2336&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74e5e11cd8453e9dd3df30335ade7b94f014e0e8617910a8ded49f715f4bb690

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 18:56:04 GMT
content-encoding: gzip
age: 1057311
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Jul 2021 18:34:44 GMT
server: AmazonS3
etag: W/"bfc62ca485c0623ae594a8d903890414"
vary: Accept-Encoding
x-amz-version-id: 8BXutTBxdxEtynkCzQScRqcRkCcJzYUO
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: vp3bHb6tGmdkW2ULucMWUAJBuXuhy6mhse1xKmXrUngKQFf3SncfPQ==

GET
DATA 200
OK truncated
/ Frame 4F31 295 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bdff745375f9248cb7bdd2985d7e166c9ede4599e6c67b5c689ddc957b9d381

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FFF5 0
0 64ms
64ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIPbwxepBtN6jN9eYVFiG_L-aKWBljg0zZ4ib5-6D7wcrEPxSaZ6QD3witj_8sakRqx3DQHTKruWrDToKRTy0x6Jc-anzCB0OdMZJp-2D7GxfsUGJC0PoyBg0AzgZu6K2xPZVCcpzZJ4c45LSzQSB1s0IMqAoMWEEWZTUxXqfGma4iZZmlv0wwMVManT2wHFqOReiQ7Zj5vd7gVtnikebAAn74hBbvZli7Yo0Ez5m0c1O40Jl8z3rSXzmOF-xFjRDEfu808UyIj_-HMQ3_h9rP44bqd-QuCLlyi6O6IIfGlfTBeUrDc1hrAhw4rRlkR1C-ym1e8vLHcmRMEiCvL-pI62gu2dDF_T4&sig=Cg0ArKJSzPfM8BlutbGLEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 00:37:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 28 Jul 2021 00:37:55 GMT

GET
H2 200 sca.17.5.9.js Show response
static.adsafeprotected.com/ Frame 496C 81 KB
21 KB 6ms
6ms Script
application/javascript 2600:9000:21f3:1000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.9.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7de6d8301cd970728c46d6379ab6b7aee90ba56a7f70dd9bf8257f20dba2c516

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 16:29:43 GMT
content-encoding: gzip
age: 720493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 16 Jul 2021 17:48:36 GMT
server: AmazonS3
etag: W/"a649c89091c39c7483930ba8cc3a5da5"
vary: Accept-Encoding
x-amz-version-id: rArXeQ6nTVw2PgEpoIt.iKZoYH93Ri0P
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: yn6KJpr-uNhw9WSEbnciLJNy1al-SDfCLxcBYAUJEbOo2FlmvLBtOQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 55ms
54ms Image
image/gif 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=11046&campId=300x250&pubId=4456012746&chanId=22401786010&placementId=5680235680&pubCreative=138348011648&pubOrder=2850669722&cb=796612269&custom=bigbox1&adsafe_par&impId=0c26aed0-ef3c-11eb-ba94-067f141e2336&custom3=&adsafe_url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&adsafe_type=aq&adsafe_url=https%3A%2F%2Fwww.americanbanker.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business&adsafe_type=bd&adsafe_jsinfo=,id:eacca70b-f08c-4050-1cc3-ab4d46973247,c:jCBYu1,sl:inView,em:true,fr:true,mn:app22ie,pt:1-5-15,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:58,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:78,oid:0c70fee2-ef3c-11eb-964f-06da572054ee,v:19.8.217,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 294ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCBYul,pingTime:0,time:97,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:77%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:97,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:77,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~100%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 301ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCBYut,pingTime:-2,time:105,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:183,beZ:184,mfA:242,cmA:243,inA:243,inZ:248,prA:248,prZ:254,si:262,poA:263,poZ:272,cmZ:272,mfZ:272,loA:282,loZ:284,ltA:288,ltZ:288%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:77%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:105,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:77,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~100%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/16059533/AmericanBanker/Payments/Article_1,google_ads_iframe_/16059533/AmericanBanker/Payments/Article_1__container__,googleAd758e0588-9521-4895-a438-43fa6c332288,scrollContainer%5D,sinceFw:26,readyFired:true%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 297ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCBYv3,time:141,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:141,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:77,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B80~100%5D,as:%5B80~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 103ms
102ms Script
text/javascript 3.224.4.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=7568712%2C6451507%2C6745137&cl=342&pixelIndex=0&r=802841&tzOffset=-120&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%26amp%3B%7B%2522sender%2522%3A%2522offer-0-HIVyb%2522%2C%2522displayMode%2522%3A%2522modal%2522%2C%2522recipient%2522%3A%2522opener%2522%2C%2522event%2522%3A%2522resize%2522%2C%2522params%2522%3A%7B%2522width%2522%3A500%2C%2522height%2522%3A0%2C%2522iframeId%2522%3A%2522offer-0-HIVyb%2522%7D%7D&id=8340039968546267958&_=1627432674066
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.4.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1 KB 41ms
39ms Image
image/gif 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=827&add=7568712,6451507,6745137

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
X-Proxy-Origin: 89.40.183.208; 89.40.183.208; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0f4fe5d4-103d-47f1-a6b4-4bddc79a501c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 43 B
994 B 31ms
29ms Image
image/gif 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=803560&t=2

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
X-Proxy-Origin: 89.40.183.208; 89.40.183.208; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 74371a1a-e195-44ac-a8b6-9367a8dc8f71
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 99ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCBYA3,pingTime:-10,time:451,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,fsc:17.5.9v220002022000220000022002222000022220200000222200222220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS45djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS45dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1627432675586%7C%7C59182910c6c1c83793f0e8e3f90c1db5%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cb416e0913660c13291ac10dcacb63ed0%7C%7Cf0175f6ffa82ecb0112d3a31fd1c129a%7C%7C8884c9bd8d1ad271fe92b32ebbbbcffd%7C%7Cadf8f24c53287f69f97d0e240ceec5cf%7C%7C83e0acb7da6ba0ecd9bace2d101861ec%7C%7C1626457705,ch:n%7D
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:55 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B6A9 42 B
518 B 32ms
13ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstu2xpZS3dBF3lt3Qsv4d1hjI2sIta3EkSe0Uk_EFOEpOwosGg2lnp4BuxxYckryNy5z9rwQHmxlB5wEKW0Jvra_kHJl5PDK-8yYdT5OjDWYBZWpkkX&sig=Cg0ArKJSzPt9Jdw9j57DEAE&id=lidar2&mcvt=1000&p=255,1070,505,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210726&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2501063575&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627432674813&rpt=180&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FFF5 42 B
64 B 22ms
21ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOYDb2gcaNuKnXAIdRVQyRxNb_5m51aj4SeKw2m6_1PIO4orF5v3c4vwJD9vNubFUQ_KSxYLvNSJOeKSQzIwun8-h0nCXafQEE3gOPfCwmC7ZM8xoQ&sig=Cg0ArKJSzG4sNFHUTdo_EAE&id=lidar2&mcvt=1000&p=124,436,214,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210726&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3903159866&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627432674800&dlt=58&rpt=272&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 98ms
97ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCBYKv,pingTime:1,time:1099,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:77%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1099,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:77,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1038~100%5D,as:%5B1038~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:56 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 98ms
97ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCBYKv,pingTime:1,time:1099,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:77%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1099,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:77,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1038~100%5D,as:%5B1038~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:56 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 92ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCBYKw,pingTime:1,time:1100,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:77%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1100,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:77,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:37:56 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
215 B 52ms
52ms Image
image/gif 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:11046&sessionId:24779b1c-69d1-cdcb-6d66-54e51465cfb6&err:responsetime%3A79%26probability%3A10
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:56 GMT
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 unload
api-v3.tinypass.com/api/v3/page/ 0
0 124ms
123ms Ping
application/json 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/page/unload?aid=XUnXNMUrFF&tbc=%7Bjzx%7DmSwb68iEGdNitdnVuQRUrnvCsH4R0RvO7hMECAAslfV4Bi4rtiLYG5sr0BawytuVr1b6G8Q3xAh4Lh_7pVns1CpKNoBwvMusDaCD8KbLyFc&time_spent=%7B%22active%22%3A4%2C%22total%22%3A4%7D&scroll=%7B%22max_page_height%22%3A3968%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fpayments%2Fnews%2Fwhat-senguptas-departure-means-for-googles-payments-business%2316164755323392%2526amp%253B%257B%2522sender%2522%253A%2522offer-0-HIVyb%2522%252C%2522displayMode%2522%253A%2522modal%2522%252C%2522recipient%2522%253A%2522opener%2522%252C%2522event%2522%253A%2522resize%2522%252C%2522params%2522%253A%257B%2522width%2522%253A500%252C%2522height%2522%253A0%252C%2522iframeId%2522%253A%2522offer-0-HIVyb%2522%257D%257D&pageview_id=krmre7zokirvjl2y&visit_id=v-krmre7zqucnd77g3&ads=%7B%22dfp%22%3A%5B%7B%22companion%22%3Afalse%2C%22adUnit%22%3A%22%2F16059533%2FAmericanBanker%2FPayments%2FArticle%22%2C%22isEmpty%22%3Afalse%2C%22elementId%22%3A%22googleAdbdaf74d8-2743-4db9-8b13-2b1c58dc90c1%22%2C%22advertiserId%22%3A5039133965%2C%22campaignId%22%3A2875472108%2C%22lineItemId%22%3A5728936480%2C%22creativeId%22%3A138357128627%2C%22eventSource%22%3A1%2C%22size%22%3A%5B728%2C90%5D%2C%22viewed%22%3Atrue%2C%22position%22%3A%7B%22top%22%3A104%2C%22left%22%3A436%7D%7D%2C%7B%22companion%22%3Afalse%2C%22adUnit%22%3A%22%2F16059533%2FAmericanBanker%2FPayments%2FArticle%22%2C%22isEmpty%22%3Atrue%2C%22elementId%22%3A%22googleAda5524e52-9aec-4a6a-8c29-be229c4d4d6b%22%2C%22eventSource%22%3A1%2C%22size%22%3Anull%2C%22viewed%22%3Afalse%2C%22position%22%3A%7B%22top%22%3A290%2C%22left%22%3A0%7D%7D%2C%7B%22companion%22%3Afalse%2C%22adUnit%22%3A%22%2F16059533%2FAmericanBanker%2FPayments%2FArticle%22%2C%22isEmpty%22%3Afalse%2C%22elementId%22%3A%22googleAd758e0588-9521-4895-a438-43fa6c332288%22%2C%22advertiserId%22%3A4456012746%2C%22campaignId%22%3A2850669722%2C%22lineItemId%22%3A5680235680%2C%22creativeId%22%3A138348011648%2C%22eventSource%22%3A1%2C%22size%22%3A%5B300%2C250%5D%2C%22viewed%22%3Atrue%2C%22position%22%3A%7B%22top%22%3A0%2C%22left%22%3A0%7D%7D%5D%7D
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.americanbanker.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS

POST
H3-29 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 149 KB
21 KB 173ms
173ms XHR
application/json 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dafbd770edd547fe58d4b1022317df48ccb4e1d0c963294781d667e39b4e6524

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jul 2021 00:37:58 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: Ca3jxwqnEuT
pragma: no-cache
wn: prod-exp-10-0-91-227
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 675a0ac1d81d1786-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 23ms
23ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072402&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a13c622e43ea284fa0f861a143dc974a6f6a8705a757074e9eee9703e9fca7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 00:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8474
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072402.js?31062010

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 28 Jul 2021 00:37:58 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4198 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 27 Jul 2021 20:26:08 GMT
expires: Wed, 27 Jul 2022 20:26:08 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C617 783 B
533 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8bb91e4af64b504c805d40f40cd76fc026e0add3596155f4ab064411cf3704ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x51hLv+xstBGlhRHv34M6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

expires: Wed, 28 Jul 2021 00:37:58 GMT
date: Wed, 28 Jul 2021 00:37:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-x51hLv+xstBGlhRHv34M6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 J27ajpExITIepw582gtzBKVJYHugkOkPHhMaXhrZD3o.js Show response
pagead2.googlesyndication.com/bg/ Frame 4198 35 KB
13 KB 29ms
29ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J27ajpExITIepw582gtzBKVJYHugkOkPHhMaXhrZD3o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

276eda8e913121321ea70e7cda0b7304a549607ba090e90f1e131a5e1ad90f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 12:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13275
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 15:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 12:54:01 GMT

POST
H3-29 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 550 B
831 B 420ms
419ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d0274e2425e11c08c39da615afc9589f82dc6026f680278851013dbadff2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jul 2021 00:37:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: Cb3jxwqoWyw
pragma: no-cache
wn: prod-dash-10-0-94-99
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-ray: 675a0ac30f8ec2f4-FRA
expires: 0

GET
H3-29 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 5B93 13 KB
4 KB 22ms
22ms Document
text/html 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

facf1d5bfcfa35d7ac5e974c4c78c8f5358ee469cc1592419da376713c52a9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.americanbanker.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: JSESSIONID=D6D0E92AF9A78C8B6FCC95B1A85DA7DE; LANG=en_US; LANG_CHANGED=en_US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.americanbanker.com/

Response headers

date: Wed, 28 Jul 2021 00:37:58 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Wed, 28 Jul 2021 03:37:58 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.001
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-112-60
x-forwarded-https: on
x-request-id: C0cixwqfdgA
x-xss-protection: 0
cf-cache-status: HIT
age: 982
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 675a0ac318fc1786-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 51ms
51ms Script
application/javascript 65.9.98.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.98.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:30:20 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 16:29:57 GMT
server: AmazonS3
age: 459
etag: W/"6f6cd12e9b9fb6a70e03f3fc2cae03a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: kLQhxt-M1cj0_l3QLJXkpY-8owuYKMNm9Dm70hp2INiesVYSr1D_7w==

GET
H3-29 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 5B93 33 KB
6 KB 22ms
21ms Stylesheet
text/css 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:58 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 4655
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-92-171
last-modified: Tue, 27 Jul 2021 10:06:02 GMT
server: cloudflare
etag: W/"33843-1627380362000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 675a0ac339211786-FRA
expires: Wed, 28 Jul 2021 02:37:58 GMT

GET
H3-29 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 5B93 34 KB
7 KB 119ms
119ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=XUnXNMUrFF&version=1619704701000&language=en_US

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:59 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: Ca3jxwqECyM
pragma
wn: prod-dash-10-0-86-222
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 675a0ac339221786-FRA
expires: Wed, 28 Jul 2021 20:37:58 EDT

GET
H3-29 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 5B93 55 KB
11 KB 27ms
27ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.264.0

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab33c235c670da8c30b661bd6f4315ca5b2c2774857c10cfa050b27c7a8a4b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 53593
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-132-127
last-modified: Mon, 26 Jul 2021 15:19:42 GMT
server: cloudflare
etag: W/"56811-1627312782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 675a0ac339231786-FRA
expires: Thu, 29 Jul 2021 00:37:58 GMT

GET
H3-29 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 5B93 513 KB
154 KB 41ms
40ms Script
text/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760499e3b8003baafc3b3eeb5a7ba842e46c9495c64488723c7c62a6233124bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3179
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-0-135-93
last-modified: Tue, 27 Jul 2021 10:06:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.002
cache-control: public, max-age=601621
x-optimized-by: _sam
cf-ray: 675a0ac339251786-FRA
expires: Tue, 03 Aug 2021 23:44:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5B93 5 KB
531 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9062b283108aee3d80a32cada8435bd6e2b642f3532de4ec9460136e98d6bc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 22:39:51 GMT
server: ESF
date: Wed, 28 Jul 2021 00:37:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 00:37:58 GMT

GET
H2 200 americanbanker3x.png
images.newsletters.sourcemedia.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/ Frame 5B93 8 KB
9 KB 6ms
6ms Image
image/png 2600:9000:21f3:be00:8:2b19:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.newsletters.sourcemedia.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/americanbanker3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:be00:8:2b19:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
etag: "19d4923e2aa582a437a134b96bfaf2e3"
last-modified: Mon, 03 Jun 2019 20:35:59 GMT
server: AmazonS3
age: 1250777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
date: Tue, 13 Jul 2021 13:11:42 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 8610
x-amz-cf-id: Xm_DPwCRK7NEUzbhNheXvfcV8ZsTGhM4AjpmpBzZ5Qmy3v2TJd5dNQ==

GET
H/1.1 200
OK icon-arrow-down-show-3x.png
source-media-brightspot-lower.s3.amazonaws.com/de/55/86a18aa047308959b772cc9fe6c0/ Frame 5B93 1 KB
2 KB 118ms
117ms Image
image/png 52.216.83.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://source-media-brightspot-lower.s3.amazonaws.com/de/55/86a18aa047308959b772cc9fe6c0/icon-arrow-down-show-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.83.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3c1db1885b0f1d07ded84a1dd2b4aa9e5a150e74c37c6f27e9ad9e76820ee84

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:38:00 GMT
Last-Modified: Wed, 14 Apr 2021 20:08:55 GMT
Server: AmazonS3
x-amz-request-id: TKE0GTBVMBJPF6FD
ETag: "03078169ee60acf0e5340c8df1a668d9"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 1205
x-amz-id-2: 8UdGtTz5vMJ/yDQSRxAQKudf1PXOzK8IqZdDUhTQxhlf7zduDBR9cEa80ljD5PmHWmI1OgqP0jY=

GET
H/1.1 200
OK icon-checkmark-benefits-3x.png
source-media-brightspot-lower.s3.amazonaws.com/e6/5a/cf83bdcb4154966bba0142ee706f/ Frame 5B93 737 B
1 KB 114ms
113ms Image
image/png 52.216.83.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://source-media-brightspot-lower.s3.amazonaws.com/e6/5a/cf83bdcb4154966bba0142ee706f/icon-checkmark-benefits-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTX3W96I2AP4&offerId=fakeOfferId&experienceId=EX81XQFAS8BR&iframeId=offer_290ecb89d18c3e42bd85-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.83.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5369beacf41380e4c6215ba0e5c1fbf7f454dfd686276b0559b1caf04584ea65

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 00:38:00 GMT
Last-Modified: Wed, 14 Apr 2021 20:05:44 GMT
Server: AmazonS3
x-amz-request-id: TKEB3TZ0GK5EQX4M
ETag: "c8e2d9524224f461e3d5a82b9a071f28"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 737
x-amz-id-2: r1Lmd8mgrf1P9AnzifA/D9bTMmw0rSweY6ZtkZ/LyqC97/W6ikyHL6ZbQSo3wdGx28GPzkEqCzI=

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072402&jk=1934936515445686&bg=!XV6lXhrNAAb7_-tu-_87ACkAdvg8WmNqJJ_pbLo3JV4lqipMBXOJZCTdP_IAdi8b65QNQV2-8RpsrAIAAACQUgAAAAxoAQeZAoP4Hvt-pkl6qpCVEKMIwGnI1-oIr93SiAzGicPJXi0knXdu6jJIKzg9W07szXdpjh5fJS1qSQf6RNDLo1Ft-fitG0rr1rSUxc1W7X5vwEJ637gWX58buGh0-_Am7FLmO9DisE9znr2Hi1zjIhPQdapj7xCAViD-fBglg6CJQMa1xLIK1JBSTIa2e9z5kf03YptNBsyuBfGKpD0AH46dILjYd-McWNupoXBa7CAUuhJR62X3tnwvKWGdpItwVbYOA2SZekNdMbWewJxwuPAEbSNX7cAQte6J_uwXe0kT4LIXK4MGSZYJ8M48cHfsYLGnDu5JKSGhWz8Xp24UVZXaVOZaVe-kV45jdet-sXcA1hjQVGCzXMDA_T5CH4CM_a0lZblTEeXle_3_DFELgYANYcCKVNPvgwW5L-85HDOYPPYEMAvUcMk-5PecWWv0kKesbGAbqNYa681aoxtiiYTaVY5QrPfbuLSLyjX_KMRv1IBdIpb1bx9soDDBSw469xxLvOS7jmxkD-3G24mpO2-oHTqiCYCseabVv0f9aaQNrYLiq1OjPVBWWaMXAntOTJhl9KXzIUkXXsA5eY4HNMQhPx0ZMyeiHxKW64T-KfF_sb_c_NITUNMLEnC8T7DnU3rCx4vUVJIVryheFqHAJcM6bOZj_-G4qrgNsNLKKtHCFNLM9ojDflZ0y9_DmePuEfh5pLaAOtbwqfeMNe_3trqzrzHuURgZJLUNeli68SlyMUmSHcnn-g1_OvvMJOHUUwDXGe33i9DTWAPMeZFX85C6W9HQgtOB5riDvihuNijDMKNvQ7TU0aYFpA91V4zQFFBalOOens9KGic86E04nr7Alrope_uR

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:37:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 5B93 2 KB
3 KB 16ms
16ms Image
image/png 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:37:59 GMT
cf-cache-status: HIT
age: 4654
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-94-99
last-modified: Tue, 27 Jul 2021 12:07:50 GMT
server: cloudflare
etag: W/"2177-1627387670000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.001
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 675a0ac429bd1786-FRA
expires: Wed, 28 Jul 2021 02:37:59 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 5B93 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 87678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 5B93 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 57817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 98ms
97ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCBZN1,pingTime:5,time:5099,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:77%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5099,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:77,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5038~100%5D,as:%5B5038~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:101,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 00:38:00 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 295ms
98ms Image
image/gif 52.206.103.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=eacca70b-f08c-4050-1cc3-ab4d46973247&tv=%7Bc:jCC2oj,pingTime:15,time:15099,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:77%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15099,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:77,wc:0.0.1600.1200,ac:1070.255.300.250,am:i,cc:1070.255.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15038~100%5D,as:%5B15038~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:99,fm:sEpLEv6+111%7C121%7C131%7C14%7C15%7C16%7C171%7C18*.11046%7C181%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.103.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 00:38:10 GMT
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-19 21:30:16	Name: uid Value: 9146429097182601575
.adform.net/	1970-01-19 20:48:31	Name: C Value: 1
.tinypass.com/	1970-01-21 08:03:52	Name: LANG Value: en_US
.americanbanker.com/	1970-01-19 20:05:19	Name: __pvi Value: %7B%22id%22%3A%22v-krmre7zqucnd77g3%22%2C%22domain%22%3A%22.americanbanker.com%22%2C%22time%22%3A1627432678694%7D
www.americanbanker.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 4.007
.adform.net/	1970-01-19 20:05:19	Name: CM Value: 1\|1
.americanbanker.com/	1970-01-20 05:25:28	Name: __gads Value: ID=44c234c077314dc5:T=1627432674:S=ALNI_MbBJJwWPWxGDPveqRl1Ga8IfQjCTA
.americanbanker.com/	1969-12-31 23:59:59	Name: cX_S Value: krmre8dvgy0iq4nw
www.americanbanker.com/	1970-01-19 20:11:04	Name: _pc_social_footer_exposure Value: TRUE
.americanbanker.com/	1970-01-20 13:35:04	Name: xbc Value: %7Bjzx%7DIsprgH45QNEy9NMabm98DeA_-rMUCW2DKE37bHY321dstq3_ar6f4mOuvqww_Yjxs6YxLBJTSJIFkTH0tv78rc8beZUZDV031ZEZrpeqCv-8B485ZWdcTiBPUhais9WWCiLttSp6K1JF6DTvbwyFwlOuDQbasYOn279hvgjUWD_a9ZwFAlgZWCsoTU_SL4FJBqA4p0xe95VzCA87SrGB0BMGZrV7BlwWG5eYCYArgYIk_SYB5Iq5JpQrlSMuQ8H6wESiRHreQawFRA2Y2ZPU7ptw2ZkJ9v_r8V2oVS8-wZelsFAxm8BHAnA99wa0GW0Nh8SeV5I7dOzMcS3RE2rsriQmaJQw7pLCHufS3I51EWoZl3B2IFmcDCKc-MAWxZog8RnA_B3gCmEAY13ORLC_y_VgN8V0uRyYyoMiishFZ97AKIMHKzsqcDeO_CKDyFM1DSdXol6I_aksvZUWUbOvjwkr8lW5azOjzraHtYKE3lhKuVe2_e2B6edqBZOi9RiqKTec9UftvNsehotM085od7TJ6Fh9OM87iu9cZn-Wzh33wenla7oQijpnPiSJnXhaLenhsHc_cetf5VptoSZkW-aUggZ-lEoImYQByr_VWhghmuLevAq7x26_rJwHxtQ75ChdSvBIgfrzHL2WWb6ECf7N-tiGwWTOc_5CYk3Z2DmwtT1cTis3OuVnggLgDSrHdzYeOvtOsMywdEnoe78qb7CeR7ttzH9_58dRYJn91Q8IvS1okzYs4GoLZERPdOjKw-urq6iMLXH5fORgm_LTyH-__RzAuY_FtQazkUcpzG6XcNGDg1x3ex0Dj5thYutX
.tinypass.com/	1970-01-19 20:05:19	Name: LANG_CHANGED Value: en_US
.americanbanker.com/	1970-01-19 20:03:56	Name: _bts Value: ec45f901-fd58-4646-958d-21047eeabe1c
.americanbanker.com/	1970-01-19 20:05:19	Name: _gid Value: GA1.2.1888945322.1627432674
.americanbanker.com/	1970-01-19 20:47:04	Name: __pat Value: -18000000
.americanbanker.com/	1970-01-20 04:49:28	Name: _bti Value: %7B%22app_id%22%3A%22sourcemedia-prod%22%2C%22attributes%22%3A%5B%7B%22name%22%3A%22created_at%22%2C%22value%22%3A%222021-07-28T00%3A37%3A53%2B00%3A00%22%7D%2C%7B%22name%22%3A%22last_updated%22%2C%22value%22%3A%222021-07-28T00%3A37%3A53%2B00%3A00%22%7D%5D%2C%22bsin%22%3A%22nF1VJp%2B9QnkYyAEbXCaQss%2F2OzUWIyTvPVpwaH3epK3jEsdCPBYFbH%2FEkk9SHZwY4BjT86eAJ3z8lBKgHK7WYQ%3D%3D%22%2C%22created_at%22%3A%222021-07-28T00%3A37%3A53%2B00%3A00%22%2C%22last_updated%22%3A%222021-07-28T00%3A37%3A53%2B00%3A00%22%7D
.americanbanker.com/	1970-01-20 13:35:04	Name: __tbc Value: %7Bjzx%7DmSwb68iEGdNitdnVuQRUrnvCsH4R0RvO7hMECAAslfV4Bi4rtiLYG5sr0BawytuVr1b6G8Q3xAh4Lh_7pVns1CpKNoBwvMusDaCD8KbLyFc
.adform.net/	1970-01-19 20:24:02	Name: CM14 Value: 1627519074_1627432674_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
www.americanbanker.com/	1970-01-19 22:13:28	Name: __pnahc Value: 0
www.americanbanker.com/	1970-01-23 11:39:52	Name: _ccmsi Value: 1627432674097_5mzrpgnr3\|1627432674097
www.americanbanker.com/	1969-12-31 23:59:59	Name: _pc_summer_sale_promo Value: true
.americanbanker.com/	1970-01-19 20:03:52	Name: _dc_gtm_UA-219761-28 Value: 1
www.americanbanker.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.tinypass.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: D6D0E92AF9A78C8B6FCC95B1A85DA7DE
.americanbanker.com/	1970-01-20 05:25:28	Name: _uetvid Value: 0bc536d0ef3c11eb8758a16469f0e473
www.americanbanker.com/	1970-01-19 20:03:52	Name: __adblocker Value: false
.americanbanker.com/	1970-01-20 05:33:16	Name: _parsely_visitor Value: {%22id%22:%22pid=5d6d8b17a647105c0a84007bfedf1a76%22%2C%22session_count%22:1%2C%22last_session_ts%22:1627432674139}
www.americanbanker.com/payments/news	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.americanbanker.com/	1970-01-19 20:03:54	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business#16164755323392&amp%3B{%2522sender%2522:%2522offer-0-HIVyb%2522%2C%2522displayMode%2522:%2522modal%2522%2C%2522recipient%2522:%2522opener%2522%2C%2522event%2522:%2522resize%2522%2C%2522params%2522:{%2522width%2522:500%2C%2522height%2522:0%2C%2522iframeId%2522:%2522offer-0-HIVyb%2522}}%22%2C%22sref%22:%22%22%2C%22sts%22:1627432674139%2C%22slts%22:0}
.americanbanker.com/	1970-01-20 13:35:04	Name: _ga Value: GA1.2.680092930.1627432674
.americanbanker.com/	1970-01-20 04:49:28	Name: btIdentify Value: ace68090-beca-4839-ed0e-fc21bbb8f7f3
.americanbanker.com/	1970-01-19 22:13:28	Name: _gcl_au Value: 1.1.1396572434.1627432674
.americanbanker.com/	1970-01-19 22:13:28	Name: _fbp Value: fb.1.1627432674111.1505415651
.americanbanker.com/	1970-01-19 20:03:52	Name: _dc_gtm_UA-219761-100 Value: 1
.americanbanker.com/	1970-01-19 20:05:19	Name: _uetsid Value: 0bc4a8c0ef3c11eb83695f23613d51fc

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1322) Message: Daily Email signup/modal_optin is included in HTML
console-api	log	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1326) Message: Inside IIFE
console-api	info	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1991) Message: showTemplate
console-api	info	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1992) Message: [object Object]
console-api	info	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1991) Message: showTemplate
console-api	info	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1992) Message: [object Object]
console-api	log	(Line 3) Message: Annonymous Hardgate - inline
console-api	log	(Line 4) Message: TRUNCATE CONTENT
console-api	info	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1991) Message: showTemplate
console-api	info	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1992) Message: [object Object]
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0(Line 327) Message: Error: [$compile:nodomevents] http://errors.angularjs.org/1.2.22/$compile/nodomevents at https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:241:450 at pre (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:297:483) at v (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:289:6) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:135) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152)
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0(Line 327) Message: Error: [$compile:nodomevents] http://errors.angularjs.org/1.2.22/$compile/nodomevents at https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:241:450 at pre (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:297:483) at v (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:289:6) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:135) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at v (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:289:154) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:135) at v (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:289:154)
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0(Line 327) Message: Error: [$compile:nodomevents] http://errors.angularjs.org/1.2.22/$compile/nodomevents at https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:241:450 at pre (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:297:483) at v (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:289:6) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:135) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152) at g (https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0:282:152)
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.9.js(Line 32) Message: a: 0.006103515625 ms
console-api	info	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1991) Message: showTemplate
console-api	info	URL: https://www.americanbanker.com/payments/news/what-senguptas-departure-means-for-googles-payments-business(Line 1992) Message: [object Object]
console-api	log	(Line 3) Message: Annonymous Hardgate - inline
console-api	log	(Line 4) Message: TRUNCATE CONTENT
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.264.0(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2fc85607715e0f0e6751743ceb3f24f7.safeframe.googlesyndication.com
a.audrte.com
a.dpmsrv.com
a.teads.tv
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.com
ajax.googleapis.com
api-v3.tinypass.com
api.adrtx.net
api.zetaglobal.net
arizent.brightspotcdn.com
bat.bing.com
beacon.krxd.net
bit.ly
buy.tinypass.com
c1.adform.net
cdn.adsafeprotected.com
cdn.boomtrain.com
cdn.cxense.com
cdn.parsely.com
cdn.tinypass.com
cm.adsafety.net
cm.g.doubleclick.net
comcluster.cxense.com
connect.facebook.net
cookie-matching.mediarithmics.com
d10lpsik1i8c69.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eu-u.openx.net
events.api.boomtrain.com
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
id.tinypass.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
images.newsletters.sourcemedia.com
l.sharethis.mgr.consensu.org
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
ml314.com
p1.parsely.com
pagead2.googlesyndication.com
pdw-adf.userreport.com
people.api.boomtrain.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
polyfill.io
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s.dpmsrv.com
s0.2mdn.net
s2.adform.net
s3-eu-west-1.amazonaws.com
s8t.teads.tv
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
source-media-brightspot-lower.s3.amazonaws.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.sharethis.com
sync.teads.tv
t.teads.tv
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
unpkg.com
ups.analytics.yahoo.com
vjs.zencdn.net
www.americanbanker.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.npttech.com
www.paymentssource.com
x.bidswitch.net
104.111.218.85
104.111.242.245
104.244.36.20
108.174.10.14
116.202.80.165
13.224.193.105
13.224.193.63
13.224.193.78
13.224.194.170
13.248.242.197
142.250.185.130
142.250.186.98
151.101.193.26
18.184.216.10
18.198.69.109
18.198.86.30
185.167.164.39
185.33.221.50
185.64.190.80
185.86.137.131
2.18.232.7
2.18.233.201
2.18.234.21
2.18.234.233
216.46.185.183
216.58.212.162
23.45.99.241
2600:9000:2127:4400:6:44e3:f8c0:93a1
2600:9000:21f3:1000:8:48e:53c0:93a1
2600:9000:21f3:be00:8:2b19:8600:93a1
2606:4700:3032::ac43:c0b6
2606:4700::6810:7daf
2606:4700::6811:b9b1
2606:4700::6811:bab1
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a02:26f0:6c00:19c::26e5
2a02:26f0:6c00:2b0::25ea
2a02:26f0:6c00:2bf::268b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:3::729
3.124.55.148
3.126.56.137
3.127.92.82
3.224.4.25
3.8.243.222
34.242.58.198
34.247.75.254
34.251.130.56
35.156.106.231
35.190.16.14
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.39
37.157.4.40
37.157.6.236
37.157.6.253
46.19.11.36
51.75.14.249
51.79.83.225
51.89.21.31
52.203.104.110
52.205.167.202
52.206.103.176
52.208.28.104
52.216.83.56
52.218.30.19
52.29.9.114
52.58.198.108
52.58.221.124
52.72.113.151
54.205.106.87
54.208.203.88
54.229.143.145
54.72.233.167
65.9.95.61
65.9.96.116
65.9.96.119
65.9.96.36
65.9.96.65
65.9.96.73
65.9.96.80
65.9.98.12
67.199.248.11
69.173.144.138
76.223.111.18
77.243.60.138
78.46.100.125
85.114.159.118
85.90.246.246
026d3f8c6184c7ab4876718402e72e436ee8ffcec124688c5a21ab09c25e587b
02ecc41396deceff7171d92beb888d87bb194882f1a5e7613952214f1e867d1e
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17fc9d9a001202c8e0e607e6325d0365cd466547dc3a3e11e3150ea3e00d6792
1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda
1b268dcd05a00b934b80d65e8bcaa680c29918cd2657c754edc899f7a50b830c
1e25bafcf455ab6fd80b85c71b580881cfa40d9e463ba45231fcba53a380f6d3
1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24
276eda8e913121321ea70e7cda0b7304a549607ba090e90f1e131a5e1ad90f7a
297eecd2ee065b9005e8811876f4e7ab1b86db81ffdd61e1e153a6ea6a1ec423
2ae0c0bb903c76e83981c8465b551fc28230379fbd818d18b411b13e59dea93d
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2bdff745375f9248cb7bdd2985d7e166c9ede4599e6c67b5c689ddc957b9d381
2d5f7ed178594d09e25e87cba0e328167a6e48d2508b4a4898ee7f05c21c0a69
2e02f1d2ea9361fecdbd08e32ca41f3bc2ea876cd4c9421f2b01f0b7b578c189
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301dee4d2496e2a4214aad44e7132eda24bb33cd949cc6313c6069e8f94786a6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3723bfba93c48760cfef108cddcabe3f9e57271495b008d185421d9daf9d48f8
3f5f8861a14d4d2e3231253719aeaa8eabb79948235e4ae3f8a2416b45e564eb
439c5077e37873fd04924047599ff73206e82eac735ba8df7b8c0f12f942bd19
496ec3e52e4bd98885d6bf0621d9557802302dddde718486de6f7782cf5fd900
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e797dacd0cc4f7ed80ba9e7b5f1193a1ea48337f8df3c4291034999823078c6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5369beacf41380e4c6215ba0e5c1fbf7f454dfd686276b0559b1caf04584ea65
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b9d2d2849305918fe661cce7bdb8dcdbc83bb18c170884e625d2b2dd417210
5704029b26dbb14608c6ca98ce8b6a64ef2a0b46fb1a54b768324b13276ad539
59a717e69bec72ad009181785a1a65b674d1c01e77e04bdc718deb02a9b97671
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5
5d4b7544ef8b7a6db760fd252efaad4cdd33d1dfe0a2383586a98458b4b090ae
5f792fe255fbfcd352fe4b2f759c95980e57d8d297939e12262d9be1e87f48c4
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
68db4e8078f774c882c1fcfcd40f09d87deab50847abc870e1cd01d43901ef4b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af75d409d527be5746a2abcc10e72682a644e9e260b24aa0a89139a77944f9c
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6df780e6bdd0ca66d35501ad4ba6a9d82bf735c470f9506ea27c9544317a23e7
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3
70e6378ee18eebd27e4ad909368e89e6a236518e8fc51eed9fe42fcabba661b9
713fc9f8abe79cb80fc0207cbd722d60746e79796a09a208942691386394473a
71d67ff2283beef1b6870d8ce83f66b60b13631c0cc0fb9b0de057580c6dda74
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
74e5e11cd8453e9dd3df30335ade7b94f014e0e8617910a8ded49f715f4bb690
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
760499e3b8003baafc3b3eeb5a7ba842e46c9495c64488723c7c62a6233124bd
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7d91bba126de404cb7ad8e98be24884b3b992152f347f50c956d2dd415b56092
7de6d8301cd970728c46d6379ab6b7aee90ba56a7f70dd9bf8257f20dba2c516
7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3
801d35b88be9b52fbcbdda294f7ce35512b7c0969f7221bba37ba066f6f2dace
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
810cc669dd96763a540cc163f0a35b3586d7783f2eaba301395522370055e633
8240d5ecefa9f0dabbc007b279fb5e76afd19fdb22aacceaa8ef5260ef34719d
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bb91e4af64b504c805d40f40cd76fc026e0add3596155f4ab064411cf3704ac
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8fd0bbce7aee59bd54afd2160062cf4d80a8f2362b8a3a921ecb918fe1e5570f
9062b283108aee3d80a32cada8435bd6e2b642f3532de4ec9460136e98d6bc3e
91c87779371c1a7375efa0f5737374dd07b3a3d96c9ec1adcde1cf2071e086bd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
940fbdac552f933897115c54607c9bca3749a1ae8e8f3c4f4e5934205b8093a9
96d1628388f2ff257a020fae75fb9a9a37e9131462975ffdd39dbab1077324a6
9a018b16e6a1ff36193038c0dad70c6058eaa9c5e43a407454da66f72dcd8ca3
9d3525c2cb0074cbe4bff3bd293ab8d68f92efa8c07ef508829566419009046e
9f35c0550dedd110dcc2b03ef02c24f07e02da7024a50bdb841c137ae2c74992
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13c622e43ea284fa0f861a143dc974a6f6a8705a757074e9eee9703e9fca7db
a1d5825631c3829c30ecb200cc2ca26ccc8d05bcc32f41c73058ae80673c60a3
a43dcb4ab11a7402cae5fe0884087501fb20f13908cd2ac4afe8645afcc949ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6bd2edc70ad4d3c61ba9d86c1853b241bb3003499b869c91a2c70832c08bbf1
a6f4ba4b5a12104d419230d24e6afe83590d70f2b1f8b180a55aab1494a8bbf2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ab33c235c670da8c30b661bd6f4315ca5b2c2774857c10cfa050b27c7a8a4b7a
ade877f59659e001e030bcf424ecf75febaf1574fbe15e3a77d8055871f53097
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c0bf2ffd17947ef568c786a47a930113f516a10a09b72485363621d110ff207b
c184acdc23748c6087cfcc50f01fc844a6448c7bacacf334b1fcfaefa4d98940
c1b23efe41c75c1297fad1f71a174e299697bf7f3db0f742ccc00a83ce431630
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3c1db1885b0f1d07ded84a1dd2b4aa9e5a150e74c37c6f27e9ad9e76820ee84
c4d0274e2425e11c08c39da615afc9589f82dc6026f680278851013dbadff2a6
cc9e27271d22a438a52ede05be19d3ba0ee32c13782dd2ea2b47f4d28e27f9b6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2640684636d3984627b6e5266bc1df454b4e5ea6e2b0696d8c68ab6a0b99cbf
d5e1876373576f4110b6ad82c25041aa2e9762cc4a417939eeb20e654818a818
d68147303e44c09c68ccf414aa2538cf8c6427d3f1282c71f112f93fe1da7faf
d6e42eaea0904f9c91f78bee317110bd68797ebab8903801c697ecb6b22136c8
d84b4826439e5fec8c6e40c70b76f0a3e9d0978e74c4988da8a42250d656bee1
dafbd770edd547fe58d4b1022317df48ccb4e1d0c963294781d667e39b4e6524
ddbe62de5ae24097612d0546735d390e3202e985da76fd4fb2a4fa31c29fd1e1
df4bd877d6266b7cf8d6494e509d20fc3f8f0ab0048f847669c46721d128e769
e34be88f7e32ad4c511f28cb9ac4383cc27d9694e686cdda373c23f40aa36e46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5045d2f5cd26bd9292bbe18b5d7ad8f604f8d2a44d9bd011b73e83c0d6e8df4
e5c57b4baf884989170e3b3b753a2f9abee35e245919ff243b319ddf437e780a
e6a1b5b9977a38e0c560dede3a05c84af90c17afedf8c78e1e998a8f9b665213
eb7983d2341e3c5a4f7fc33d9b8b490857187164e114ab36896886845d512206
ebf3fe00a4717363c2aeb2c3013c0a2a2945135f89c93b740613bec5bf967b4c
ec05a5fbf3d0731fa0027e214e956b5ef61d4bf1330a4759d481744cc2df4e1e
ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcdfe14d4069fb8b74cfdb22f7746b3b3258cbfdf1d6ca641ce505ffc40cfbf
f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b
f0f5825ba2a4ed475af0c9c69d3c46f83d4c62893dcb70c79c529610bc4b1cf7
f69442d82e5c60eb36ff44fa4cc08f941a7cd522aa3d39f0ebf070eca81cc6b6
facf1d5bfcfa35d7ac5e974c4c78c8f5358ee469cc1592419da376713c52a9a6
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fcb2f294b4f8e6cd49796be296dcb143d934e89d91475963ecd36912cad1f688
fe9ba222e604fb3c387015541377b3fa29d19a2e708ddc9958b2d2abb87882c4
ff4c752ea5d84913f292bb4a85dff5c2a7d7e045a1cb76779c3fe0a5279c2124

www.americanbanker.com Open in urlscan Pro 65.9.96.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

248 Requests

100 %HTTPS

31 %IPv6

83 Domains

115 Subdomains

92 IPs

10 Countries

4845 kBTransfer

14508 kBSize

34 Cookies

24 Outgoing links

Page URL History

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.americanbanker.com Open in urlscan Pro
65.9.96.116 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

100 %
HTTPS

31 %
IPv6

83
Domains

115
Subdomains

92
IPs

10
Countries

4845 kB
Transfer

14508 kB
Size

34
Cookies

248 HTTP transactions
3 data transactions