banks.cam Open in urlscan Pro
18.159.80.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.banks.cam/
Effective URL:
https://banks.cam/
Submission: On August 12 via automatic, source certstream-suspicious (August 12th 2021, 2:57:06 am UTC)

Summary HTTP 68 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 9 domains to perform 68 HTTP transactions. The main IP is 18.159.80.129, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is banks.cam.
TLS certificate: Issued by R3 on July 15th 2021. Valid for: 3 months.

This is the only time banks.cam was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	18.159.80.129 18.159.80.129	16509 (AMAZON-02) (AMAZON-02)
13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3036::ac43:a1d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.158.98.109 18.158.98.109	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:ae00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:217... 2600:9000:2175:2600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
68	15

27 18.159.80.129 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

www.banks.cam	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banks.cam	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::ac43:a1d1 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.98.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ae00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2175:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e7f2ce123870d2b8d1b5ed111e109ca3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	banks.cam 1 redirects www.banks.cam banks.cam	191 KB
13	doubleclick.net securepubads.g.doubleclick.net	167 KB
8	google.com adservice.google.com www.google.com	2 KB
7	google.de adservice.google.de	897 B
4	ezodn.com go.ezodn.com	216 KB
3	googlesyndication.com e7f2ce123870d2b8d1b5ed111e109ca3.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	18 KB
3	ezoic.net g.ezoic.net go.ezoic.net	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
1	quantcount.com rules.quantcount.com	428 B
68	9

	Domain	Requested by
26	banks.cam	banks.cam
13	securepubads.g.doubleclick.net	banks.cam securepubads.g.doubleclick.net
7	adservice.google.com	securepubads.g.doubleclick.net
7	adservice.google.de	securepubads.g.doubleclick.net
4	go.ezodn.com	banks.cam
2	g.ezoic.net	banks.cam
1	www.google.com	tpc.googlesyndication.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	banks.cam
1	e7f2ce123870d2b8d1b5ed111e109ca3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	banks.cam
1	go.ezoic.net	banks.cam
1	www.banks.cam	1 redirects
68	15

This site contains links to these domains. Also see Links.

Domain
interland3.donorperfect.net
www.ezoic.com

Subject Issuer	Validity	Valid
banks.cam R3	`2021-07-15` - `2021-10-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
ezoic.net R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
*.ezoic.net Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://banks.cam/
Frame ID: 141E3A35396A4C0EE5183AB09B2623A9
Requests: 65 HTTP requests in this frame

Frame: https://e7f2ce123870d2b8d1b5ed111e109ca3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 054190862EB3D6BC3FEE6E672DA4D888
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 90C2A0EA65AE8578AA685365B2104212
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EFF325ABA6D8CBA11980890D5CE036C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.banks.cam/ HTTP 301
https://banks.cam/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

68
Requests

99 %
HTTPS

79 %
IPv6

9
Domains

15
Subdomains

15
IPs

2
Countries

605 kB
Transfer

1716 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://interland3.donorperfect.net/weblink/WebLink.aspx?name=E166186&id=20

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.banks.cam/ HTTP 301
https://banks.cam/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
banks.cam/
Redirect Chain

https://www.banks.cam/
https://banks.cam/

136 KB
26 KB

204ms
194ms

Document
text/html

18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://banks.cam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

11c4132ca8ed6180b2499ffe3c3335ca76fbd0b8a87855574d2ea0ac17397f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: banks.cam
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 12 Aug 2021 02:56:49 GMT
display: pub_site_sol
expires: Wed, 11 Aug 2021 02:56:49 GMT
last-modified: Thu, 15 Jul 2021 04:48:42 GMT
pagespeed: off
response: 200
server: nginx
set-cookie: ezoadgid_236796=-1; Path=/; Domain=banks.cam; Expires=Thu, 12 Aug 2021 03:26:48 UTC ezoref_236796=; Path=/; Domain=banks.cam; Expires=Thu, 12 Aug 2021 04:56:48 UTC ezoab_236796=mod1; Path=/; Domain=banks.cam; Expires=Thu, 12 Aug 2021 04:56:48 UTC active_template::236796=pub_site.1628737008; Path=/; Domain=banks.cam; Expires=Sat, 14 Aug 2021 02:56:48 UTC ezopvc_236796=1; Path=/; Domain=banks.cam; Expires=Thu, 12 Aug 2021 03:26:49 UTC ezepvv=0; Path=/; Domain=banks.cam; Expires=Fri, 13 Aug 2021 02:56:49 UTC ezovid_236796=967082813; Path=/; Domain=banks.cam; Expires=Thu, 12 Aug 2021 03:26:49 UTC lp_236796=https://banks.cam/; Path=/; Domain=banks.cam; Expires=Thu, 12 Aug 2021 03:26:49 UTC ezovuuidtime_236796=1628737009; Path=/; Domain=banks.cam; Expires=Sat, 14 Aug 2021 02:56:49 UTC ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; Path=/; Domain=banks.cam; Expires=Thu, 12 Aug 2021 03:26:49 UTC ezCMPCCS=true; Path=/; Domain=banks.cam; Expires=Fri, 12 Aug 2022 02:56:49 GMT
vary: Accept-Encoding Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-ezoic-cdn: Hit ds;mm;22739c4981027b5e56c81ad8860409de;2-236796-0;18571ff9-97eb-420d-7d79-5c5afc1e369b
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-server-powered-by: Engintron
x-sol: pub_site
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=7776000
content-type: text/html; charset=UTF-8
date: Thu, 12 Aug 2021 02:56:48 GMT
display: staticcontent_sol
location: https://banks.cam/
pagespeed: off
response: 301
server: nginx
vary: Accept-Encoding User-Agent,Accept-Encoding,Origin
x-content-type-options: nosniff
x-ezoic-cdn: Hit ds;mm;31c3887684fb8beaf1a41f945a7b7874;2-236796-0;1048b200-fb4e-4a74-6d9e-d1a158db1649
x-middleton-display: staticcontent_sol
x-middleton-response: 301
x-redirect-by: WordPress
x-server-powered-by: Engintron
x-sol: pub_site
x-xss-protection: 1; mode=block
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 37ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: banks.cam
URL: https://banks.cam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d66f3afca55ccc3a3845d431dcc40e87c2b8c7319f7d8de5adf1d3c0990d8948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "956 / 748 of 1000 / last-modified: 1628719812"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25188
x-xss-protection: 0
expires: Thu, 12 Aug 2021 02:56:49 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 219 KB
68 KB 164ms
67ms Script
application/javascript 2606:4700:3036::ac43:a1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=oftmedia&cb=195-0-26
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cbdb9e03dbd4d47a16668213d8825cbff6f7a7916aa64dd43b700a5c2045001

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1658801
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LO1uQspeO1BFV%2FOLcrv%2F78i42q9nwjull3AH6n0JL5Fj48qT8dz9yQDNNo1qeOkvQq%2Fggo2vLk%2FcFgEntKNe7RSvxzSDhDhVMGCMJ%2FRjrjWYRzaFzke62bKX8SzfCppmAX6nTOFl48SXK1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 67d66ec40980f156-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 845187df6bf580ca097500b3f7009dac.css
banks.cam/wp-content/cache/min/1/ 245 KB
31 KB 49ms
49ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://banks.cam/wp-content/cache/min/1/845187df6bf580ca097500b3f7009dac.css

Requested by

Host: banks.cam
URL: https://banks.cam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

895abe26b54281effc84c78e5dadcff347f17418342cd9946f5f174eb415106c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/min/1/845187df6bf580ca097500b3f7009dac.css
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;620599972bdaf68bd6cbd17d285ef65e;2-236796-0;bf73fb93-52db-43e7-4d0c-94b912b25c98
x-middleton-display: staticcontent_sol, orig_site_sol
x-server-powered-by: Engintron
x-middleton-response: 200
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000

GET
H2 200 cropped-Banks-3.png
banks.cam/wp-content/uploads/2020/08/ 5 KB
5 KB 171ms
170ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banks.cam/wp-content/uploads/2020/08/cropped-Banks-3.png

Requested by

Host: banks.cam
URL: https://banks.cam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

171c16244ad0112066e677119b5b588083875f9806f94378bcaebc4e16008b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/cropped-Banks-3.png
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;ds;9dca8ca6f121b1b4daf9d02beb3b7832;2-236796-0;75851162-50dc-4890-7a68-5879214d2a27
x-middleton-display: staticcontent_sol, staticcontent_sol
x-server-powered-by: Engintron
x-middleton-response: 200
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
vary: Accept-Encoding User-Agent,Origin,Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000

GET
H2 200 banger.js Show response
banks.cam/porpoiseant/ 44 KB
10 KB 21ms
20ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/banger.js?cb=195-0&bv=57&v=51&PageSpeed=off
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 29d9826d733409fe41024888e28fb6e18485a64cb1566eebc940c6def796c2c6

Request headers

:path: /porpoiseant/banger.js?cb=195-0&bv=57&v=51&PageSpeed=off
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
557 B 58ms
20ms Script
text/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6903bfe5c0110c3f8321225f5ae3ac1625fecde2b2baf40f38da200291ffbab3

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
etag: f703704940a0369080975aaa17ec2f68
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cache-control: max-age=999999, private
content-length: 276
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2 200 cmbv2.js Show response
banks.cam/detroitchicago/ 73 KB
20 KB 30ms
30ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 83fed108e3bbb5d9d8487cafc7f805381db55d7a6fd24d4c4ac584e0bd2f0ce3

Request headers

:path: /detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 61ms
12ms Image
image/png 2600:9000:2156:ae00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ae00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 10:44:18 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
x-sol: middleton
age: 490351
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: YSrPnWwilVXy4GAA-dFjLQtULQl6xWo2SAk0ELj8aTQZVB_bnd3UCA==
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
display: staticcontent_sol
expires: Fri, 13 Aug 2021 10:44:18 GMT

GET
H2 200 iknow.woff2
banks.cam/wp-content/themes/iknow/assets/font/ 4 KB
4 KB 27ms
26ms Font
font/woff2 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://banks.cam/wp-content/themes/iknow/assets/font/iknow.woff2?24070758

Requested by

Host: banks.cam
URL: https://banks.cam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

68559c9acf2dee0289d71c8fda64d0aa14f0d66b969c9b4d98d1eabffa00e991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://banks.cam
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true
:path: /wp-content/themes/iknow/assets/font/iknow.woff2?24070758
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://banks.cam
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;11a6945ea0340ec4b239e4ac75dc6b57;2-236796-0;96d7c0d0-4624-4781-6ea3-887ab9a1afec
x-middleton-display: staticcontent_sol, staticcontent_sol
x-server-powered-by: Engintron
x-middleton-response: 200
content-length: 3784
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
vary: Accept-Encoding User-Agent,Origin,Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 denver.js Show response
banks.cam/detroitchicago/ 4 KB
1 KB 18ms
17ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/detroitchicago/denver.js?gcb=0&cb=1
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e45818350fb6700935c0dce924d8317b166845c5516bc391a1dbda39203f143a

Request headers

:path: /detroitchicago/denver.js?gcb=0&cb=1
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1273

GET
H2 200 imp.gif Show response
banks.cam/detroitchicago/ 43 B
128 B 211ms
211ms XHR
image/gif 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A2%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%226%2C4%2C2%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Berlin%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A236796%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1115%2C1117%2C1122%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%225ba2d2b2-5b8a-4fe5-4443-29bcace3b33d%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2210178%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A83633%2C%22response_time_orig%22%3A4%2C%22serverid%22%3A%2218.192.55.253%3A20551%22%2C%22state%22%3A%22BE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1115%2C1117%2C1122%22%2C%22t_epoch%22%3A1628737008%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fbanks.cam%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1133%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:path: /detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A2%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%226%2C4%2C2%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Berlin%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A236796%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1115%2C1117%2C1122%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%225ba2d2b2-5b8a-4fe5-4443-29bcace3b33d%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2210178%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A83633%2C%22response_time_orig%22%3A4%2C%22serverid%22%3A%2218.192.55.253%3A20551%22%2C%22state%22%3A%22BE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1115%2C1117%2C1122%22%2C%22t_epoch%22%3A1628737008%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fbanks.cam%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1133%2C%22worst_bad_word_level%22%3A0%7D
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 24ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 19 Aug 2021 02:56:49 GMT

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
54 B 21ms
21ms Script
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
cache-control: max-age=300, private
server: nginx
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 cmbdv2.js Show response
banks.cam/detroitchicago/ 46 KB
10 KB 23ms
23ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-4y0c-5y18-3y34-15y57-21&cmbcb=20&sj=x03x0cx18x34x57
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0388d7fdf9ea51f4a570c8f33228a8113e160a0eb5a619cf46937365396fe5fc

Request headers

:path: /detroitchicago/cmbdv2.js?gcb=195-0&cb=03-4y0c-5y18-3y34-15y57-21&cmbcb=20&sj=x03x0cx18x34x57
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H3-29 200 pubads_impl_2021080901.js Show response
securepubads.g.doubleclick.net/gpt/ 330 KB
115 KB 25ms
24ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 08:37:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117636
x-xss-protection: 0
expires: Thu, 12 Aug 2021 02:56:49 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 28 B
68 B 24ms
23ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a88eb264a81deb7feeb18a06767de93a89159c83590034d8c94b366320742ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
expires: Thu, 12 Aug 2021 02:56:49 GMT

GET
H2 200 greenoaks.gif Show response
banks.cam/detroitchicago/ 0
127 B 16ms
16ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidF9lcG9jaCI6MTYyODczNzAwOCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidF9lcG9jaCI6MTYyODczNzAwOCwiZGF0YSI6W3sibmFtZSI6InVuaXZlcnNhbF91c2VyX2lkIiwidmFsIjoiZjcwMzcwNDk0MGEwMzY5MDgwOTc1YWFhMTdlYzJmNjgifV19XQ==
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidF9lcG9jaCI6MTYyODczNzAwOCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidF9lcG9jaCI6MTYyODczNzAwOCwiZGF0YSI6W3sibmFtZSI6InVuaXZlcnNhbF91c2VyX2lkIiwidmFsIjoiZjcwMzcwNDk0MGEwMzY5MDgwOTc1YWFhMTdlYzJmNjgifV19XQ==
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:51 UTC

GET
H2 200 nmash.js
banks.cam/porpoiseant/ 24 KB
6 KB 63ms
62ms Other
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/nmash.js?v=57
Requested by: Host: banks.cam
URL: https://banks.cam/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: acbbae3ea8c718877be4d5cc6437e6837d712b847a82b4f0aed2dc10bf9fdb64

Request headers

:path: /porpoiseant/nmash.js?v=57
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
last-modified: Wed, 11 Aug 2021 21:57:31 GMT
server: nginx
etag: "60b1-5c94fb47b8020;5c701b9c2cf40-gzip"
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
428 B 95ms
31ms Script
application/javascript 2600:9000:2175:2600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2175:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 05:36:53 GMT
via: 1.1 579cfbd9c011d359d737aee6a310afc2.cloudfront.net (CloudFront)
age: 76796
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: MRS52-P1
accept-ranges: bytes
x-amz-cf-id: fynKxAi9N4scQbHCKvqt_AbkJ2rtA61UMSEkWH7G0FGQeYh_5qsq2w==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 991 B
297 B 129ms
129ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=4208852780487582&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-box-2%2Cbanks_cam-box-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=336x280%2C728x90&prev_scp=a%3D%257C254%257C%26iid1%3D2687457307818055%26eid%3D2687457307818055%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1115%26sap%3D1115%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbanks_cam-box-2-2687457307818055%26eb_br%3D9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26bv%3D0%26bvm%3D4%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D4%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%7Ca%3D%257C2%257C%26iid1%3D1108043203787576%26eid%3D1108043203787576%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1117%26sap%3D1117%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dbanks_cam-box-3-1108043203787576%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26eba%3D1%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26ftsn%3D3%26br1%3D0%26br2%3D0%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C619%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1626324522&dt=1628737009496&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=632%2C436&adys=147%2C604&adks=587867068%2C4077108662&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1344x280%7C1552x90&msz=336x280%7C728x90&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=4%2C4&ohw=1600%2C1600&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

494e032d76b6d1340a0a8d8b4a5b87fcc8105a1c5d97143c7a55866fbdd224e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e7f2ce123870d2b8d1b5ed111e109ca3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0541 6 KB
3 KB 27ms
13ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e7f2ce123870d2b8d1b5ed111e109ca3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e7f2ce123870d2b8d1b5ed111e109ca3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banks.cam/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://banks.cam/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 12 Aug 2021 02:56:49 GMT
expires: Fri, 12 Aug 2022 02:56:49 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 454 B
274 B 102ms
102ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=2447428997061739&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&prev_scp=a%3D%257C3%257C%26iid1%3D2197376649825830%26eid%3D2197376649825830%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbanks_cam-medrectangle-2-2197376649825830%26eb_br%3D291d27313eb66c50243129b23df8a579%26eba%3D1%26bv%3D0%26bvm%3D2%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D10%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1626324522&dt=1628737009500&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=345074965&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ad36574db820baf3a93050161624a4a2a954b6fc1f7757e4825f0f752c37b95e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=634242156;labels=Domain.banks_cam%2CDomainId.236796;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fbanks.cam%2F;uht=2;fpan=1;fpa=P0-2019547329-1628737009557;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c0...
pixel.quantserve.com/ 35 B
371 B 11ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=634242156;labels=Domain.banks_cam%2CDomainId.236796;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fbanks.cam%2F;uht=2;fpan=1;fpa=P0-2019547329-1628737009557;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=banks.cam;je=0;sr=1600x1200x24;dst=1;et=1628737009556;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.Banks%20-%20Banks%2Curl.https%3A%2F%2Fbanks%252Ecam%2F%2Csite_name.Banks

Requested by

Host: banks.cam
URL: https://banks.cam/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Aug 2021 02:56:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 greenoaks.gif Show response
banks.cam/detroitchicago/ 0
42 B 16ms
15ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6Ijg0In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIyODkifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjEwIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjE3OSJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjE4MCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIzOTIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIzNDMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjM0MyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19XQ==
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6Ijg0In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIyODkifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjEwIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjE3OSJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjE4MCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIzOTIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIzNDMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjM0MyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19XQ==
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; ezux_lpl_236796=1628737009571|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false; __gads=ID=c3516cb2af7e4485-227a8ccf9dc80022:T=1628737009:S=ALNI_MYgPZ6C-XEmtcJEQuDsGvDdv1EEyw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:48 UTC

GET
H2 200 greenoaks.gif Show response
banks.cam/detroitchicago/ 0
19 B 16ms
15ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidF9lcG9jaCI6MTYyODczNzAwOCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiNDMxIn1dfV0=
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidF9lcG9jaCI6MTYyODczNzAwOCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiNDMxIn1dfV0=
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; ezux_lpl_236796=1628737009571|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false; __gads=ID=c3516cb2af7e4485-227a8ccf9dc80022:T=1628737009:S=ALNI_MYgPZ6C-XEmtcJEQuDsGvDdv1EEyw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:48 UTC

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

049372408126e31cb7a568aa74df3be9f2cc1a045142ca251720f79ae77170f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8501
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 12 Aug 2021 02:56:49 GMT

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 90C2 0
0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EFF3 783 B
758 B 32ms
32ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40af12c31b38946a661bc98ba96d2f6b6c642ef76ebfbb1599457d01c3c56cd0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O9tb3p2xXKhEyPx60c4pMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banks.cam/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://banks.cam/

Response headers

expires: Thu, 12 Aug 2021 02:56:49 GMT
date: Thu, 12 Aug 2021 02:56:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-O9tb3p2xXKhEyPx60c4pMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 army.gif Show response
banks.cam/porpoiseant/ 0
19 B 16ms
16ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTEwODA0MzIwMzc4NzU3NiIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTE3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTEwODA0MzIwMzc4NzU3NiIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTE3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; ezux_lpl_236796=1628737009571|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false; __gads=ID=87ef463894c3e7f9-225cf99c9dc80099:T=1628737009:S=ALNI_MZRxtv0Yhm72BwPH_uImyJkSG5F8Q
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:51 UTC

GET
H2 200 army.gif Show response
banks.cam/porpoiseant/ 0
19 B 15ms
15ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTEwODA0MzIwMzc4NzU3NiIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTE3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjoxMTMwMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjExMzAzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTEwODA0MzIwMzc4NzU3NiIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTE3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjoxMTMwMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjExMzAzIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; ezux_lpl_236796=1628737009571|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false; __gads=ID=87ef463894c3e7f9-225cf99c9dc80099:T=1628737009:S=ALNI_MZRxtv0Yhm72BwPH_uImyJkSG5F8Q
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:49 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:48 UTC

GET
H3-29 200 728x90.png
go.ezodn.com/charity/https/charity-ads.s3.amazonaws.com/charity_ads/2/ 34 KB
35 KB 616ms
579ms Image
image/png 2606:4700:3036::ac43:a1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/charity/https/charity-ads.s3.amazonaws.com/charity_ads/2/728x90.png
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b52e0cc598ce0aa2c8e0def4de2bf3f600fd965f75147127dcdfe1e5d74d0c9

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:50 GMT
cf-cache-status: BYPASS
last-modified: Sun, 25 Jul 2021 17:42:41 GMT
server: cloudflare
x-amz-request-id: TV4MBJ50W8EDHBR9
etag: W/"9609c690ad6d0b5642f5f209ff1a256f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MswjgDMUgiyJsEYxBp9ww2aDOnTRt4dh05pY9Pf5bWx79MWRA4mgrTQcowgD1hVGRjhMrVS0sMNWexhfFpmTLobjpMwNPLaqH5F1kLWr788Urb%2FtdSHDMlK7G8vpx9y6dmhVVw96C1U9aQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67d66ec7ca3b1669-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: eBQGPjocdGpOTUh6NK/H0tVjmsMeXW3elCRH2urFNgYx52cMmOAJcie6wFDwGRMqf+8dV4ZXlVA=

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
259 B 116ms
116ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=121754022698566&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ris=3&rcs=1&prev_scp=a%3D%257C254%257C%26iid1%3D2687457307818055%26eid%3D2687457307818055%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1115%26sap%3D1115%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbanks_cam-box-2-2687457307818055%26eb_br%3Db6c98a8bb15764f1c4ee331dcb724178%26eba%3D1%26bv%3D0%26bvm%3D4%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D2%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C619%26lb%3D4%26reqt%3D1628737012967&eri=1&cookie=ID%3D87ef463894c3e7f9-225cf99c9dc80099%3AT%3D1628737009%3AS%3DALNI_MZRxtv0Yhm72BwPH_uImyJkSG5F8Q&bc=31&abxe=1&lmt=1626324522&dt=1628737012972&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=147&adks=587867068&ucis=1&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1344x280&msz=336x280&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2584921c374feb4e901a0999cdba699103bcf4a90c7e432fd8c639ab894ecb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
263 B 116ms
115ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=1445237589087125&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ris=3&rcs=1&prev_scp=a%3D%257C3%257C%26iid1%3D2197376649825830%26eid%3D2197376649825830%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbanks_cam-medrectangle-2-2197376649825830%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26eba%3D1%26bv%3D0%26bvm%3D2%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D8%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C619%26lb%3D10%26reqt%3D1628737012973&eri=1&cookie=ID%3D87ef463894c3e7f9-225cf99c9dc80099%3AT%3D1628737009%3AS%3DALNI_MZRxtv0Yhm72BwPH_uImyJkSG5F8Q&bc=31&abxe=1&lmt=1626324522&dt=1628737012976&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=345074965&ucis=3&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5930be07c7cdd4fba75b5b86b05b6a557e07ea83597b8cea4fadeff619f142de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1ef64aebc386c8504b39ea3edcdc666a.js Show response
banks.cam/wp-content/cache/min/1/ 129 KB
40 KB 117ms
116ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://banks.cam/wp-content/cache/min/1/1ef64aebc386c8504b39ea3edcdc666a.js?screx=1&sxcb=2a

Requested by

Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bc0d57e3b62b5ea5210f93dcdaa9f6db6acc4545ddcb5095590517af1d95a5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/min/1/1ef64aebc386c8504b39ea3edcdc666a.js?screx=1&sxcb=2a
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; ezux_lpl_236796=1628737009571|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;ds;dfcab6a483b9572746213f080d4a9bbe;2-236796-0;4b1dc9d9-48cf-4554-55a2-4d4af5b89a74
x-middleton-display: staticcontent_sol, staticcontent_sol
x-server-powered-by: Engintron
x-middleton-response: 200
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000

GET
H2 200 jquery.min.js Show response
banks.cam/wp-includes/js/jquery/ 92 KB
30 KB 61ms
60ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://banks.cam/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a&ver=3.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

50c8d681ebefb8fa94b60691e89d4e31c3d283310c13457028898a70f1998cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a&ver=3.5.1
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; ezux_lpl_236796=1628737009571|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;c35fa63ee611046cad67ddc3fe500770;2-236796-0;4404df3d-9038-402f-568b-f6d4afd64b2d
x-middleton-display: staticcontent_sol, staticcontent_sol
x-server-powered-by: Engintron
x-middleton-response: 200
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 21ms
20ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: banks.cam
URL: https://banks.cam/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

073bd16153a9bff10e9433e527bc93200360df1cd3205123e609e53974ac5fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "956 / 28 of 1000 / last-modified: 1628719812"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25183
x-xss-protection: 0
expires: Thu, 12 Aug 2021 02:56:54 GMT

GET
H2 200 lazyload.min.js Show response
banks.cam/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 42ms
41ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://banks.cam/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js?screx=1&sxcb=2a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js?screx=1&sxcb=2a
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; ezux_lpl_236796=1628737009571|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;63a3e10cce10fa7fb3e39cb763232b8c;2-236796-0;d0ce4337-cc89-48f0-6477-c096fd459f30
x-middleton-display: staticcontent_sol, staticcontent_sol
x-server-powered-by: Engintron
x-middleton-response: 200
content-length: 2570
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
162 B 87ms
86ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=3890101184844209&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ris=2&rcs=2&prev_scp=a%3D%257C254%257C%26iid1%3D2687457307818055%26eid%3D2687457307818055%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1115%26sap%3D1115%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbanks_cam-box-2-2687457307818055%26eb_br%3Dzero%26eba%3D1%26bv%3D0%26bvm%3D4%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D0%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C619%2C619%26lb%3D2%26reqt%3D1628737013475%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D87ef463894c3e7f9%3AT%3D1628737009%3AS%3DALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ&bc=31&abxe=1&lmt=1626324522&dt=1628737014480&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=147&adks=587867068&ucis=1&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1344x280&msz=336x280&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d642c35eefd5148d934e47c2a194fc91168ba5a841779320c37f4552dff57c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 339 B
173 B 87ms
86ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=266366195182674&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid1%3D2197376649825830%26eid%3D2197376649825830%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbanks_cam-medrectangle-2-2197376649825830%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26bv%3D0%26bvm%3D2%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D6%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C619%2C619%26lb%3D8%26reqt%3D1628737013479&eri=1&cookie=ID%3D87ef463894c3e7f9%3AT%3D1628737009%3AS%3DALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ&bc=31&abxe=1&lmt=1626324522&dt=1628737014486&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=345074965&ucis=3&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

35ebdbfa55d4514791568438b4e1e82329bb7e4cef935d2c158c44e72355f300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iknow.woff2
banks.cam/wp-content/themes/iknow/assets/font/ 4 KB
4 KB 33ms
33ms Font
font/woff2 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://banks.cam/wp-content/themes/iknow/assets/font/iknow.woff2?24070758

Requested by

Host: banks.cam
URL: https://banks.cam/wp-content/cache/min/1/845187df6bf580ca097500b3f7009dac.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

68559c9acf2dee0289d71c8fda64d0aa14f0d66b969c9b4d98d1eabffa00e991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://banks.cam
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ; ezux_lpl_236796=1628737014524|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false
:path: /wp-content/themes/iknow/assets/font/iknow.woff2?24070758
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: banks.cam
referer: https://banks.cam/wp-content/cache/min/1/845187df6bf580ca097500b3f7009dac.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://banks.cam
Referer: https://banks.cam/wp-content/cache/min/1/845187df6bf580ca097500b3f7009dac.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;11a6945ea0340ec4b239e4ac75dc6b57;2-236796-0;96d7c0d0-4624-4781-6ea3-887ab9a1afec
x-middleton-display: staticcontent_sol, staticcontent_sol
x-server-powered-by: Engintron
x-middleton-response: 200
content-length: 3784
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
vary: Accept-Encoding User-Agent,Origin,Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 army.gif Show response
banks.cam/porpoiseant/ 0
19 B 17ms
15ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4NzQ1NzMwNzgxODA1NSIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwiYWRfcG9zaXRpb24iOjExMTUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjExIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTA4MDQzMjAzNzg3NTc2IiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidW5pdCI6ImRpdi1ncHQtYWQtYmFua3NfY2FtLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJhZF9wb3NpdGlvbiI6MTExNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjIxOTczNzY2NDk4MjU4MzAiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1iYW5rc19jYW0tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI2NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4NzQ1NzMwNzgxODA1NSIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwiYWRfcG9zaXRpb24iOjExMTUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjExIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTA4MDQzMjAzNzg3NTc2IiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidW5pdCI6ImRpdi1ncHQtYWQtYmFua3NfY2FtLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJhZF9wb3NpdGlvbiI6MTExNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjIxOTczNzY2NDk4MjU4MzAiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1iYW5rc19jYW0tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI2NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ; ezux_lpl_236796=1628737014524|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:53 UTC

GET
H2 200 army.gif Show response
banks.cam/porpoiseant/ 0
19 B 17ms
15ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4NzQ1NzMwNzgxODA1NSIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwiYWRfcG9zaXRpb24iOjExMTUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiNjMyIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNDcifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTA4MDQzMjAzNzg3NTc2IiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidW5pdCI6ImRpdi1ncHQtYWQtYmFua3NfY2FtLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJhZF9wb3NpdGlvbiI6MTExNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI0MzYifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjYwNCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjIxOTczNzY2NDk4MjU4MzAiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1iYW5rc19jYW0tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDQifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4NzQ1NzMwNzgxODA1NSIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwiYWRfcG9zaXRpb24iOjExMTUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiNjMyIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNDcifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTA4MDQzMjAzNzg3NTc2IiwiZG9tYWluX2lkIjoiMjM2Nzk2IiwidW5pdCI6ImRpdi1ncHQtYWQtYmFua3NfY2FtLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJhZF9wb3NpdGlvbiI6MTExNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI0MzYifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjYwNCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjIxOTczNzY2NDk4MjU4MzAiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1iYW5rc19jYW0tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjg3MzcwMDgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDQifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ; ezux_lpl_236796=1628737014524|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:53 UTC

GET
H2 200 army.gif Show response
banks.cam/porpoiseant/ 0
42 B 16ms
15ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4NzQ1NzMwNzgxODA1NSIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTE1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4NzQ1NzMwNzgxODA1NSIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTE1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ; ezux_lpl_236796=1628737014524|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:53 UTC

GET
H2 200 army.gif Show response
banks.cam/porpoiseant/ 0
19 B 17ms
16ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4NzQ1NzMwNzgxODA1NSIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTE1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjoxMTMwMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjExMzAzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4NzQ1NzMwNzgxODA1NSIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTE1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjoxMTMwMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjExMzAzIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ; ezux_lpl_236796=1628737014524|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:53 UTC

GET
H3-29 200 300x250.png
go.ezodn.com/charity/https/charity-ads.s3.amazonaws.com/charity_ads/2/ 77 KB
78 KB 302ms
301ms Image
image/png 2606:4700:3036::ac43:a1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/charity/https/charity-ads.s3.amazonaws.com/charity_ads/2/300x250.png
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226f9d5c47b759bb1f9571e5301c912183f452e71c569fd2af2fd5614e6d01b0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:54 GMT
cf-cache-status: BYPASS
last-modified: Sun, 25 Jul 2021 17:42:40 GMT
server: cloudflare
x-amz-request-id: 30MT47MKJ1JKP07K
etag: W/"cfe2586332c727d232c25a700385e546-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUwsFbOeAFqBKbLBp8bW7yCJD7nwYo6PaHf%2Bm6DpCqFkufoditJP%2BWeyYlYVFvnBjm7ZwvYOIWomJuYxdvZeVz6lneycuzSaJSKHVu97dre%2BQT5GgkCRV%2BfoVKebeHd5Zx510xkblbvMZA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67d66ee54ffb1669-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: R/2Us+Z4cqLO4GjVZ1/SzgjoM2MhQeuvT3X3ZPnvf31y7dQXrhNHyQuaGemZIHr544T8txaY1Nk=

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 339 B
172 B 88ms
88ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=1469315364188827&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ris=1&rcs=3&prev_scp=a%3D%257C3%257C%26iid1%3D2197376649825830%26eid%3D2197376649825830%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbanks_cam-medrectangle-2-2197376649825830%26eb_br%3D9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26bv%3D0%26bvm%3D2%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D4%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C619%2C619%2C619%26lb%3D6%26reqt%3D1628737014987&eri=1&cookie=ID%3D87ef463894c3e7f9%3AT%3D1628737009%3AS%3DALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ&bc=31&abxe=1&lmt=1626324522&dt=1628737014992&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=345074965&ucis=3&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

aaddd7290d2048fa76565c1deb2cbc6c181f766d4f596ff37e47ffd25d350a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 339 B
172 B 85ms
84ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=2967259167449983&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ris=2&rcs=4&prev_scp=a%3D%257C3%257C%26iid1%3D2197376649825830%26eid%3D2197376649825830%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbanks_cam-medrectangle-2-2197376649825830%26eb_br%3Db6c98a8bb15764f1c4ee331dcb724178%26eba%3D1%26bv%3D0%26bvm%3D2%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D2%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C619%2C619%2C619%2C619%26lb%3D4%26reqt%3D1628737015495&eri=1&cookie=ID%3D87ef463894c3e7f9%3AT%3D1628737009%3AS%3DALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ&bc=31&abxe=1&lmt=1626324522&dt=1628737016500&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=345074965&ucis=3&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ad927ee5c01bbefb62350d78e060eafb367cec1d20983030b860628c297860c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif Show response
banks.cam/detroitchicago/ 0
65 B 16ms
16ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjE1OTYwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIzIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjI0NjkwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMyJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNzc4MjQwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI0ODY0In1dfV0=
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1YmEyZDJiMi01YjhhLTRmZTUtNDQ0My0yOWJjYWNlM2IzM2QiLCJkb21haW5faWQiOiIyMzY3OTYiLCJ0X2Vwb2NoIjoxNjI4NzM3MDA4LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjE1OTYwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIzIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjI0NjkwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMyJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNzc4MjQwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI0ODY0In1dfV0=
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ; ezux_lpl_236796=1628737014524|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:56 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:55 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.cam

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 02:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 339 B
173 B 84ms
84ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969498714290522&correlator=3592688869413290&output=ldjh&impl=fifs&eid=31062030%2C31062147%2C31062188%2C31061181%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=1254144%2Cbanks_cam-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ris=1&rcs=5&prev_scp=a%3D%257C3%257C%26iid1%3D2197376649825830%26eid%3D2197376649825830%26t%3D134%26d%3D236796%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbanks_cam-medrectangle-2-2197376649825830%26eb_br%3Dzero%26eba%3D1%26bv%3D0%26bvm%3D2%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D0%26br2%3D6%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C601%2C608%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C619%2C619%2C619%2C619%2C619%26lb%3D2%26reqt%3D1628737017003%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D87ef463894c3e7f9%3AT%3D1628737009%3AS%3DALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ&bc=31&abxe=1&lmt=1626324522&dt=1628737017008&dlt=1628737009173&idt=298&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=345074965&ucis=3&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbanks.cam%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=99199013.1628737009&ga_sid=1628737009&ga_hid=1050177875&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e17a86f962caf5a4dbe4daf8bd5641ccb03e9557f45fa1a722585756d02c8b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://banks.cam
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
banks.cam/porpoiseant/ 0
65 B 16ms
15ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjE5NzM3NjY0OTgyNTgzMCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI2In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjE5NzM3NjY0OTgyNTgzMCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNWJhMmQyYjItNWI4YS00ZmU1LTQ0NDMtMjliY2FjZTNiMzNkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI2In1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ; ezux_lpl_236796=1628737014524|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:57 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:56 UTC

GET
H3-29 200 728x90.png
go.ezodn.com/charity/https/charity-ads.s3.amazonaws.com/charity_ads/2/ 34 KB
35 KB 582ms
581ms Image
image/png 2606:4700:3036::ac43:a1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/charity/https/charity-ads.s3.amazonaws.com/charity_ads/2/728x90.png
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-4y0c-5y18-3y34-15y57-21&cmbcb=20&sj=x03x0cx18x34x57
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b52e0cc598ce0aa2c8e0def4de2bf3f600fd965f75147127dcdfe1e5d74d0c9

Request headers

Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:57 GMT
cf-cache-status: BYPASS
last-modified: Sun, 25 Jul 2021 17:42:41 GMT
server: cloudflare
x-amz-request-id: CE3594AM5W503319
etag: W/"9609c690ad6d0b5642f5f209ff1a256f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojFauqjoqtU%2BKa6KIzjS%2BjIZOQGznp7yJACne2E8Vlc7myEx17ZKM2KIOG0p0hsvyijFicTopU9c3IEmVN%2BjiIS0qKtj5KQ6LpdgCBZQ0wHRHR7w%2FE3NKqK6PPJl6Czizte7F6vWwUXpPZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67d66ef51fa51669-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: 1l7wyWubaLQUIdjSQ6BXTlESG/VdFjwgL2h7D119PQ8MHuLyWp19o9GUcAOMD0httHs65J/Av1E=

GET
H2 200 army.gif Show response
banks.cam/porpoiseant/ 0
19 B 16ms
16ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.cam/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjE5NzM3NjY0OTgyNTgzMCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjoxMTMwMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjExMzAzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: banks.cam
URL: https://banks.cam/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1f-2y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx20x33x52x56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjE5NzM3NjY0OTgyNTgzMCIsImRvbWFpbl9pZCI6IjIzNjc5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJhbmtzX2NhbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyODczNzAwOCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjoxMTMwMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjViYTJkMmIyLTViOGEtNGZlNS00NDQzLTI5YmNhY2UzYjMzZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjExMzAzIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: ezoadgid_236796=-1; ezoref_236796=; ezoab_236796=mod1; active_template::236796=pub_site.1628737008; ezopvc_236796=1; ezepvv=0; ezovid_236796=967082813; lp_236796=https://banks.cam/; ezovuuidtime_236796=1628737009; ezovuuid_236796=cfa8cc54-c983-412d-45c9-faed885eb928; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=f703704940a0369080975aaa17ec2f68; _dlt=1; __qca=P0-2019547329-1628737009557; __gads=ID=87ef463894c3e7f9:T=1628737009:S=ALNI_MakKGcDCy4pFc1ogbYZMilvvYFURQ; ezux_lpl_236796=1628737014524|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d|false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: banks.cam
referer: https://banks.cam/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://banks.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 02:56:57 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 11 Aug 2021 02:56:55 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
banks.cam/	1970-01-20 05:11:13	Name: ezux_lpl_236796 Value: 1628737009571\|5ba2d2b2-5b8a-4fe5-4443-29bcace3b33d\|false
.banks.cam/	1970-01-20 05:50:05	Name: __qca Value: P0-2019547329-1628737009557
banks.cam/	1969-12-31 23:59:59	Name: ezouspva Value: 0
banks.cam/	1970-01-22 09:44:49	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
banks.cam/	1970-01-22 09:44:49	Name: ezohw Value: w%3D1600%2Ch%3D1200
.banks.cam/	1970-01-19 20:25:38	Name: ezovuuid_236796 Value: cfa8cc54-c983-412d-45c9-faed885eb928
.banks.cam/	1970-01-19 20:28:29	Name: ezovuuidtime_236796 Value: 1628737009
.banks.cam/	1970-01-19 20:28:29	Name: active_template::236796 Value: pub_site.1628737008
.banks.cam/	1970-01-19 20:25:38	Name: lp_236796 Value: https://banks.cam/
.banks.cam/	1970-01-20 05:11:13	Name: ezCMPCCS Value: true
.banks.cam/	1969-12-31 23:59:59	Name: _dlt Value: 1
.banks.cam/	1970-01-19 20:27:03	Name: ezepvv Value: 0
.banks.cam/	1970-01-19 20:25:44	Name: ezoab_236796 Value: mod1
.banks.cam/	1970-01-19 20:25:38	Name: ezopvc_236796 Value: 1
.banks.cam/	1970-01-20 13:56:49	Name: ezosuigeneris Value: f703704940a0369080975aaa17ec2f68
.banks.cam/	1970-01-19 20:25:44	Name: ezoref_236796 Value:
.banks.cam/	1970-01-19 20:25:38	Name: ezovid_236796 Value: 967082813
banks.cam/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.banks.cam/	1970-01-19 20:25:38	Name: ezoadgid_236796 Value: -1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://banks.cam/wp-content/cache/min/1/1ef64aebc386c8504b39ea3edcdc666a.js?screx=1&sxcb=2a(Line 1) Message: q2w3_sidebar_options not found!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
banks.cam
e7f2ce123870d2b8d1b5ed111e109ca3.safeframe.googlesyndication.com
g.ezoic.net
go.ezodn.com
go.ezoic.net
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.banks.cam
www.google.com
tpc.googlesyndication.com
142.250.181.226
18.158.98.109
18.159.80.129
2600:9000:2156:ae00:2:cb38:840:93a1
2600:9000:2175:2600:6:44e3:f8c0:93a1
2606:4700:3036::ac43:a1d1
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:830::2002
0388d7fdf9ea51f4a570c8f33228a8113e160a0eb5a619cf46937365396fe5fc
049372408126e31cb7a568aa74df3be9f2cc1a045142ca251720f79ae77170f6
073bd16153a9bff10e9433e527bc93200360df1cd3205123e609e53974ac5fc7
11c4132ca8ed6180b2499ffe3c3335ca76fbd0b8a87855574d2ea0ac17397f59
171c16244ad0112066e677119b5b588083875f9806f94378bcaebc4e16008b41
226f9d5c47b759bb1f9571e5301c912183f452e71c569fd2af2fd5614e6d01b0
2584921c374feb4e901a0999cdba699103bcf4a90c7e432fd8c639ab894ecb3c
29d9826d733409fe41024888e28fb6e18485a64cb1566eebc940c6def796c2c6
35ebdbfa55d4514791568438b4e1e82329bb7e4cef935d2c158c44e72355f300
3b52e0cc598ce0aa2c8e0def4de2bf3f600fd965f75147127dcdfe1e5d74d0c9
40af12c31b38946a661bc98ba96d2f6b6c642ef76ebfbb1599457d01c3c56cd0
494e032d76b6d1340a0a8d8b4a5b87fcc8105a1c5d97143c7a55866fbdd224e9
50c8d681ebefb8fa94b60691e89d4e31c3d283310c13457028898a70f1998cc0
5930be07c7cdd4fba75b5b86b05b6a557e07ea83597b8cea4fadeff619f142de
68559c9acf2dee0289d71c8fda64d0aa14f0d66b969c9b4d98d1eabffa00e991
6903bfe5c0110c3f8321225f5ae3ac1625fecde2b2baf40f38da200291ffbab3
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
83fed108e3bbb5d9d8487cafc7f805381db55d7a6fd24d4c4ac584e0bd2f0ce3
895abe26b54281effc84c78e5dadcff347f17418342cd9946f5f174eb415106c
8cbdb9e03dbd4d47a16668213d8825cbff6f7a7916aa64dd43b700a5c2045001
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88eb264a81deb7feeb18a06767de93a89159c83590034d8c94b366320742ac0
aaddd7290d2048fa76565c1deb2cbc6c181f766d4f596ff37e47ffd25d350a1b
acbbae3ea8c718877be4d5cc6437e6837d712b847a82b4f0aed2dc10bf9fdb64
ad36574db820baf3a93050161624a4a2a954b6fc1f7757e4825f0f752c37b95e
ad927ee5c01bbefb62350d78e060eafb367cec1d20983030b860628c297860c9
bc0d57e3b62b5ea5210f93dcdaa9f6db6acc4545ddcb5095590517af1d95a5fe
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d642c35eefd5148d934e47c2a194fc91168ba5a841779320c37f4552dff57c78
d66f3afca55ccc3a3845d431dcc40e87c2b8c7319f7d8de5adf1d3c0990d8948
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e17a86f962caf5a4dbe4daf8bd5641ccb03e9557f45fa1a722585756d02c8b99
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45818350fb6700935c0dce924d8317b166845c5516bc391a1dbda39203f143a
ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7

banks.cam Open in urlscan Pro 18.159.80.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

99 %HTTPS

79 %IPv6

9 Domains

15 Subdomains

15 IPs

2 Countries

605 kBTransfer

1716 kBSize

19 Cookies

2 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

banks.cam Open in urlscan Pro
18.159.80.129 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

99 %
HTTPS

79 %
IPv6

9
Domains

15
Subdomains

15
IPs

2
Countries

605 kB
Transfer

1716 kB
Size

19
Cookies

68 HTTP transactions
0 data transactions