urlscan.io logo urlscan.io
SecurityTrails logo

uat.kwealthplus.kasikornbank.com Open in urlscan Pro
13.32.99.119  Public Scan

Go To Rescan Add Verdict Report
URL: https://uat.kwealthplus.kasikornbank.com/
Submission: On September 21 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 25 HTTP transactions. The main IP is 13.32.99.119, located in United States and belongs to AMAZON-02, US. The main domain is uat.kwealthplus.kasikornbank.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 30th 2020. Valid for: a year.
This is the only time uat.kwealthplus.kasikornbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 13.32.99.119 16509 (AMAZON-02)
1 172.217.18.106 15169 (GOOGLE)
3 2.18.232.23 16625 (AKAMAI-AS)
2 52.214.44.171 16509 (AMAZON-02)
1 34.250.85.122 16509 (AMAZON-02)
1 1 34.249.249.121 16509 (AMAZON-02)
8 8 151.101.66.49 54113 (FASTLY)
1 2 142.250.185.226 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 2 37.252.172.249 29990 (ASN-APPNEX)
1 2 34.98.64.218 15169 (GOOGLE)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 31.13.92.36 32934 (FACEBOOK)
25 14
10    13.32.99.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-119.fra60.r.cloudfront.net
uat.kwealthplus.kasikornbank.com
1    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net
fonts.googleapis.com
3    2.18.232.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com
assets.adobedtm.com
2    52.214.44.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.250.85.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-85-122.eu-west-1.compute.amazonaws.com
kbtg.demdex.net
1    34.249.249.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-249-121.eu-west-1.compute.amazonaws.com
cm.everesttech.net
8    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com
www.facebook.com
Domain Requested by
10 uat.kwealthplus.kasikornbank.com uat.kwealthplus.kasikornbank.com
8 sync-tm.everesttech.net 8 redirects
3 assets.adobedtm.com uat.kwealthplus.kasikornbank.com
assets.adobedtm.com
2 sync.search.spotxchange.com 1 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 1 redirects
2 dpm.demdex.net assets.adobedtm.com
1 www.facebook.com
1 image2.pubmatic.com
1 pixel.rubiconproject.com
1 cm.everesttech.net 1 redirects
1 kbtg.demdex.net assets.adobedtm.com
1 fonts.googleapis.com client
25 15

This site contains no links.

Subject Issuer Validity Valid
uat.kwealthplus.kasikornbank.com
Entrust Certification Authority - L1K		 2020-09-30 -
2021-10-17		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://uat.kwealthplus.kasikornbank.com/
Frame ID: 421C15DC5CF33555F69B5496A0E9189D
Requests: 18 HTTP requests in this frame

Frame: https://kbtg.demdex.net/dest5.html?d_nsid=0
Frame ID: BCC7EEB73A768BE63DBC369FE7AEDECC
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ROBO Advisor

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

14
IPs

5
Countries

2484 kB
Transfer

2824 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://cm.everesttech.net/cm/dd?d_uuid=45525587404278511600786356403202379482 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUlZywAAAMJi0AQp
Request Chain 18
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVVsWnl3QUFBTUppMEFRcA== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVVsWnl3QUFBTUppMEFRcA==&google_tc=
Request Chain 19
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YUlZywAAAMJi0AQp&expires=90
Request Chain 20
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUlZywAAAMJi0AQp HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUlZywAAAMJi0AQp&C=1
Request Chain 21
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YUlZywAAAMJi0AQp HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYUlZywAAAMJi0AQp
Request Chain 22
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YUlZywAAAMJi0AQp HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YUlZywAAAMJi0AQp
Request Chain 23
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUlZywAAAMJi0AQp
Request Chain 24
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUlZywAAAMJi0AQp&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUlZywAAAMJi0AQp&img=1&__user_check__=1&sync_id=044ab892-1a91-11ec-93ab-1ef5e1e50306
Request Chain 25
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YUlZywAAAMJi0AQp&t=2592000&o=0

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
uat.kwealthplus.kasikornbank.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
68220f4637efa5b00c18f5604a8c76ebd5ccf09123faf74681f93aa59a68bb3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
uat.kwealthplus.kasikornbank.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Tue, 21 Sep 2021 04:04:22 GMT
last-modified
Mon, 20 Sep 2021 16:04:07 GMT
etag
W/"6148b0f7-8b0"
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
x-frame-options
SAMEORIGIN
cache-control
no-store, no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
set-cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; path=/; HttpOnly; Secure TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
x-cache
Miss from cloudfront
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
RSHig-e8FtgDow_aaypSvm8ZPTfeyn7FC94OuBBPDmJaTXc_u5dHew==
jquery.min.js
uat.kwealthplus.kasikornbank.com/assets/lib/js/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/assets/lib/js/jquery.min.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/assets/lib/js/jquery.min.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 16:04:05 GMT
x-frame-options
SAMEORIGIN
etag
W/"6148b0f5-14e4a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
x-amz-cf-id
MKS1yW2t8dxPRjfKNTA7YRbEFjY9oZOotDeRGpZBii9dJ_VkOtsiPw==
jquery-migrate.min.js
uat.kwealthplus.kasikornbank.com/assets/lib/js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/assets/lib/js/jquery-migrate.min.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/assets/lib/js/jquery-migrate.min.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 16:04:05 GMT
x-frame-options
SAMEORIGIN
etag
W/"6148b0f5-2748"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
x-amz-cf-id
c_3eCd39M01FFpUp1e3RewCqkn9rdQiR3iVUHuHYLekjC23lQ1ZMEQ==
jquery.mobile.min.js
uat.kwealthplus.kasikornbank.com/assets/lib/js/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/assets/lib/js/jquery.mobile.min.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
2ec93e0833cecd36a92e8033596d06fd6790795892dc5333cb0a733d957c4979
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/assets/lib/js/jquery.mobile.min.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 16:04:05 GMT
x-frame-options
SAMEORIGIN
etag
W/"6148b0f5-30dcf"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
x-amz-cf-id
6o-1hUGa-50BdwhH-LgI12_NIH6tKeI8PpdNWhd6_QlasQGIHNVbug==
mobiscroll.core.js
uat.kwealthplus.kasikornbank.com/assets/lib/js/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/assets/lib/js/mobiscroll.core.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
2809d34eb97eb0e7cf1026e7d06d958d41b55663dac0db5b666c075f6040f1f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/assets/lib/js/mobiscroll.core.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 16:04:05 GMT
x-frame-options
SAMEORIGIN
etag
W/"6148b0f5-9654"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
x-amz-cf-id
bCddrjwLIKIwLo1D88ENx2nVN3ipqrzdhVg5JffljxuGN4PZuGIjOw==
mobiscroll.select.js
uat.kwealthplus.kasikornbank.com/assets/lib/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/assets/lib/js/mobiscroll.select.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
18c5a7104dd29be3018cb34be9f30de7526522bc6f5108782a9a7ffb0ada68c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/assets/lib/js/mobiscroll.select.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 16:04:05 GMT
x-frame-options
SAMEORIGIN
etag
W/"6148b0f5-2e00"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
x-amz-cf-id
MNV58XdvcmmFlQLb-wVeEWEAbYlTyyfYw5ysggSSTD1eCZ9cZ7128A==
mobiscroll.ios.js
uat.kwealthplus.kasikornbank.com/assets/lib/js/ 		323 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/assets/lib/js/mobiscroll.ios.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
5f644e0955c391d1f34757eeea003933663bb5b295c8c55837f84ecb63a717e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/assets/lib/js/mobiscroll.ios.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:23 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
323
last-modified
Mon, 20 Sep 2021 16:04:05 GMT
x-frame-options
SAMEORIGIN
etag
"6148b0f5-143"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
accept-ranges
bytes
x-amz-cf-id
gIHGd3R8CXGXNJfEFmXVgzzNsChX40auPaOoMc2E0I-nG7sfOIztHw==
vendor-01.ac4bb4.js
uat.kwealthplus.kasikornbank.com/build/ 		896 KB
898 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/build/vendor-01.ac4bb4.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
d6d90332389c809910b51125f3250c92b56b8ec3aaba05de12abefe3b86d44e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/build/vendor-01.ac4bb4.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:23 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
918009
last-modified
Mon, 20 Sep 2021 16:04:06 GMT
x-frame-options
SAMEORIGIN
etag
"6148b0f6-e01f9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
accept-ranges
bytes
x-amz-cf-id
K7myyUcQQNFsQKI3m80k0Ab1ViUAkYCGUYO1Mn9ZaiPshDlledu6dQ==
vendor-02.ac4bb4.js
uat.kwealthplus.kasikornbank.com/build/ 		793 KB
794 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/build/vendor-02.ac4bb4.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
8725131e4b3322e944e80e441c87ca08a3b5a58ba788d8124cb59362d717b7e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/build/vendor-02.ac4bb4.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:23 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
811784
last-modified
Mon, 20 Sep 2021 16:04:06 GMT
x-frame-options
SAMEORIGIN
etag
"6148b0f6-c6308"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
accept-ranges
bytes
x-amz-cf-id
ErPgR8g0ZCSkSzKse0YAWmJGAgT6cOBjuKVq9_77e07PLKhH3RMMjg==
js.ac4bb4.js
uat.kwealthplus.kasikornbank.com/build/ 		620 KB
622 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat.kwealthplus.kasikornbank.com/build/js.ac4bb4.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-119.fra60.r.cloudfront.net
Software
/
Resource Hash
b45f2dc0a044b015ad803549d0be549d0de3c06e6e56b41f7c62dd1d11ebeda7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/build/js.ac4bb4.js
pragma
no-cache
cookie
90f0ff20b58f92d917b20d134a3c3f34=3161384df32e81c9040e15de44557b83; TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
uat.kwealthplus.kasikornbank.com
referer
https://uat.kwealthplus.kasikornbank.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:23 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
635119
last-modified
Mon, 20 Sep 2021 16:04:06 GMT
x-frame-options
SAMEORIGIN
etag
"6148b0f6-9b0ef"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
no-store, no-cache
content-security-policy
frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
set-cookie
TS016e3d94=01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7; Path=/; Domain=.uat.kwealthplus.kasikornbank.com
accept-ranges
bytes
x-amz-cf-id
9OC8_KXEJaGzXLouA97TVDh5k9QOr_AMEQ-VNHWBMTpzAH5DPfbB8g==
css
fonts.googleapis.com/ 		3 KB
943 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
ESF /
Resource Hash
d5f1c76620875851a634bc5349bc3177c262f6bfbfb5fcfa7c7b1ff91d1bd36d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 02:19:37 GMT
server
ESF
date
Tue, 21 Sep 2021 04:04:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Sep 2021 04:04:26 GMT
launch-27f1643b984b-development.min.js
assets.adobedtm.com/9693e27fd138/091b40dfb68c/ 		125 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/9693e27fd138/091b40dfb68c/launch-27f1643b984b-development.min.js
Requested by
Host: uat.kwealthplus.kasikornbank.com
URL: https://uat.kwealthplus.kasikornbank.com/build/js.ac4bb4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ab248a2c2d9a698068d3b856cf78c01e5b1af215dfe485bedb54e17842dc920

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 04:04:27 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 13:07:39 GMT
server
AkamaiNetStorage
etag
"e840a646ab99a8477f486098d1c9fb21:1603285659.141866"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://uat.kwealthplus.kasikornbank.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
37763
expires
Tue, 21 Sep 2021 04:04:27 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab0cd4f40ec054131c35ba475648138e20c0b8bb6add4ae857f55fd0b713e89e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
id
dpm.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46774E025B454A0F0A495E2C%40AdobeOrg&d_nsid=0&ts=1632197067641
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9693e27fd138/091b40dfb68c/launch-27f1643b984b-development.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
be7036f213c054731d52409d8d56eb2b2598c15a189d3cd55221320dd984f8c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://uat.kwealthplus.kasikornbank.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v016-05db43e45.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
PW8bJNT7Thg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://uat.kwealthplus.kasikornbank.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
894
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9693e27fd138/091b40dfb68c/launch-27f1643b984b-development.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:27 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://uat.kwealthplus.kasikornbank.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Tue, 21 Sep 2021 05:04:27 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9693e27fd138/091b40dfb68c/launch-27f1643b984b-development.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:27 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://uat.kwealthplus.kasikornbank.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Tue, 21 Sep 2021 05:04:27 GMT
dest5.html
kbtg.demdex.net/ Frame BCC7 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kbtg.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9693e27fd138/091b40dfb68c/launch-27f1643b984b-development.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.85.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-85-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
kbtg.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uat.kwealthplus.kasikornbank.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=45525587404278511600786356403202379482
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 21 Sep 2021 04:04:27 GMT
DCS
dcs-prod-irl1-2-v016-091e33eb3.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 8 Sep 2021 15:27:47 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
4uGvZYLbRqs=
Content-Length
2791
Connection
keep-alive
ibs:dpid=411&dpuuid=YUlZywAAAMJi0AQp
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=45525587404278511600786356403202379482
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUlZywAAAMJi0AQp
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUlZywAAAMJi0AQp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.kwealthplus.kasikornbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v016-0dff8510d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rVGWem8OQEI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUlZywAAAMJi0AQp
Date
Tue, 21 Sep 2021 04:04:27 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
pixel
cm.g.doubleclick.net/ Frame BCC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVVsWnl3QUFBTUppMEFRcA==
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVVsWnl3QUFBTUppMEFRcA==&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVVsWnl3QUFBTUppMEFRcA==&google_tc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kbtg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 04:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 04:04:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVVsWnl3QUFBTUppMEFRcA==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame BCC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YUlZywAAAMJi0AQp&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YUlZywAAAMJi0AQp&expires=90
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kbtg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 04:04:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632197068.061455,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YUlZywAAAMJi0AQp&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame BCC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUlZywAAAMJi0AQp
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUlZywAAAMJi0AQp&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUlZywAAAMJi0AQp&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kbtg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 04:04:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 21 Sep 2021 04:04:28 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 04:04:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUlZywAAAMJi0AQp&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Tue, 21 Sep 2021 04:04:28 GMT
bounce
ib.adnxs.com/ Frame BCC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YUlZywAAAMJi0AQp
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYUlZywAAAMJi0AQp
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYUlZywAAAMJi0AQp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kbtg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 04:04:28 GMT
X-Proxy-Origin
216.131.114.144; 216.131.114.144; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1b23b108-f859-41d1-ab77-7fb740622dee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 04:04:28 GMT
X-Proxy-Origin
216.131.114.144; 216.131.114.144; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c001355c-d2a6-4045-9235-c4f62043958d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYUlZywAAAMJi0AQp
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BCC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YUlZywAAAMJi0AQp
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YUlZywAAAMJi0AQp
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YUlZywAAAMJi0AQp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kbtg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 04:04:28 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YUlZywAAAMJi0AQp
date
Tue, 21 Sep 2021 04:04:28 GMT
via
1.1 google
server
OXGW/16.216.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame BCC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUlZywAAAMJi0AQp
1 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUlZywAAAMJi0AQp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kbtg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:04:26 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:407
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 04:04:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632197068.464717,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUlZywAAAMJi0AQp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame BCC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUlZywAAAMJi0AQp&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUlZywAAAMJi0AQp&img=1&__user_check__=1&sync_id=044ab892-1a91-11ec-93ab-1ef5e1e50306
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUlZywAAAMJi0AQp&img=1&__user_check__=1&sync_id=044ab892-1a91-11ec-93ab-1ef5e1e50306
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kbtg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 21 Sep 2021 04:04:28 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
89
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 21 Sep 2021 04:04:28 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YUlZywAAAMJi0AQp&img=1&__user_check__=1&sync_id=044ab892-1a91-11ec-93ab-1ef5e1e50306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
1
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame BCC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YUlZywAAAMJi0AQp&t=2592000&o=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YUlZywAAAMJi0AQp&t=2592000&o=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kbtg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 21:04:28 PDT
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
Gwl/aR93kh4iYSlu/CRe4Vt8H1iAJH+d/Ns7jRRIY8Cf0fv4hdhY0wx16XyHrQZZ89qTRTRUGLIrtj4a9yctgw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
expires
Mon, 20 Sep 2021 21:04:28 PDT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 04:04:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632197069.666604,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YUlZywAAAMJi0AQp&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| externalJQuery undefined| digitalData function| webpackJsonp object| __core-js_shared__ object| IntlPolyfill function| setSessionId function| verifyEmailSuccess function| verifyEmailFail function| goToPage function| displayErrorMessage function| updateProfilePicture function| verifyPinSuccess function| setPhoto function| verifyPinFail function| back function| verifyAuthenFrameworkSuccess function| verifyAuthenFrameworkDecline function| verifyAuthenFrameworkFailure function| verifyAuthenFrameworkCancel object| CTRL function| checkKplusVersion object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s

21 Cookies

Domain/Path Name / Value
uat.kwealthplus.kasikornbank.com/ Name: 90f0ff20b58f92d917b20d134a3c3f34
Value: 3161384df32e81c9040e15de44557b83
.uat.kwealthplus.kasikornbank.com/ Name: TS016e3d94
Value: 01f8ee6256e1f0f896b6cf10919a9c368e03f36d2e24174f460de46992e636023b5ed233627cb0f0229164f0b3ca3f58a2826d086346c9f4fbbc5359816ec3fa0579c42bd7
.demdex.net/ Name: demdex
Value: 45525587404278511600786356403202379482
.kasikornbank.com/ Name: AMCVS_46774E025B454A0F0A495E2C%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YUlZywAAAMJi0AQp
.dpm.demdex.net/ Name: dpm
Value: 45525587404278511600786356403202379482
.kasikornbank.com/ Name: AMCV_46774E025B454A0F0A495E2C%40AdobeOrg
Value: 359503849%7CMCIDTS%7C18892%7CMCMID%7C46024014931575749480728247442127221350%7CMCAAMLH-1632801867%7C6%7CMCAAMB-1632801867%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1632204267s%7CNONE%7CMCSYNCSOP%7C411-18899%7CvVersion%7C5.0.1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.adnxs.com/ Name: uuid2
Value: 7231886299074851303
.casalemedia.com/ Name: CMID
Value: YUlZzNCj5UZ643AcE-Nq1AAA
.casalemedia.com/ Name: CMPS
Value: 3180
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2C%uv8Kk-!]tbPl1MwL(!R7qUY$*u>2pk<YWJXkA2PS^D#L.bgyKa%/X%W#.wL5oa9/sZwfzrVAeSAtYdK(.(lOfM!x'.8*[07U
.casalemedia.com/ Name: CMPRO
Value: 1176
.casalemedia.com/ Name: CMST
Value: YUlZzGFJWcwA
.casalemedia.com/ Name: CMRUM3
Value: 58614959cc2760YUlZywAAAMJi0AQp
.openx.net/ Name: i
Value: 965e1ee8-ab60-464d-9e6d-f4f697897b6e|1632197068
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YUlZywAAAMJi0AQp&KRTB&23194-YUlZywAAAMJi0AQp&KRTB&23209-YUlZywAAAMJi0AQp&KRTB&23244-YUlZywAAAMJi0AQp
.pubmatic.com/ Name: PugT
Value: 1632197066
.pubmatic.com/ Name: PUBMDCID
Value: 3
.spotxchange.com/ Name: audience
Value: 044ab848-1a91-11ec-93ab-1ef5e1e50306
.demdex.net/ Name: dextp
Value: 144230-1-1632197067955|144231-1-1632197068056|144232-1-1632197068157|144233-1-1632197068258|144234-1-1632197068359|144235-1-1632197068460|144236-1-1632197068561|144237-1-1632197068662

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.adobedtm.com *.demdex.net *.everesttech.net kasikornbankpubliccompany.sc.omtrdc.net data: fonts.gstatic.com fonts.googleapis.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
ib.adnxs.com
image2.pubmatic.com
kbtg.demdex.net
pixel.rubiconproject.com
sync-tm.everesttech.net
sync.search.spotxchange.com
uat.kwealthplus.kasikornbank.com
us-u.openx.net
www.facebook.com
13.32.99.119
142.250.185.226
151.101.66.49
172.217.18.106
185.64.189.110
185.94.180.125
2.18.232.23
2.18.234.21
31.13.92.36
34.249.249.121
34.250.85.122
34.98.64.218
37.252.172.249
52.214.44.171
69.173.144.139
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18c5a7104dd29be3018cb34be9f30de7526522bc6f5108782a9a7ffb0ada68c9
1ab248a2c2d9a698068d3b856cf78c01e5b1af215dfe485bedb54e17842dc920
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2809d34eb97eb0e7cf1026e7d06d958d41b55663dac0db5b666c075f6040f1f3
2ec93e0833cecd36a92e8033596d06fd6790795892dc5333cb0a733d957c4979
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f644e0955c391d1f34757eeea003933663bb5b295c8c55837f84ecb63a717e5
68220f4637efa5b00c18f5604a8c76ebd5ccf09123faf74681f93aa59a68bb3d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8725131e4b3322e944e80e441c87ca08a3b5a58ba788d8124cb59362d717b7e0
ab0cd4f40ec054131c35ba475648138e20c0b8bb6add4ae857f55fd0b713e89e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b45f2dc0a044b015ad803549d0be549d0de3c06e6e56b41f7c62dd1d11ebeda7
be7036f213c054731d52409d8d56eb2b2598c15a189d3cd55221320dd984f8c3
d5f1c76620875851a634bc5349bc3177c262f6bfbfb5fcfa7c7b1ff91d1bd36d
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d6d90332389c809910b51125f3250c92b56b8ec3aaba05de12abefe3b86d44e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629