Submitted URL: https://t12.creditcards.comerica.com/r/?id=h13045667,93d1f2c,94b9066&e=cDE9MDc5ODgmcDI9RU1fMjkyODg&s=Snr2mezSj7A9sT9eTYL3k7LNkXT4kerW...
Effective URL: https://online1.elancard.com/pdap/directMailApply
Submission: On June 22 via manual from US — Scanned from DE

Summary

This website contacted 25 IPs in 4 countries across 26 domains to perform 50 HTTP transactions. The main IP is 170.135.184.54, located in Owensboro, United States and belongs to US-BANCORP, US. The main domain is online1.elancard.com. The Cisco Umbrella rank of the primary domain is 287526.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 22nd 2022. Valid for: a year.
This is the only time online1.elancard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.212.154.153 16509 (AMAZON-02)
1 170.135.104.110 3147 (US-BANCORP)
1 17 170.135.184.54 3147 (US-BANCORP)
2 2a00:1450:400... 15169 (GOOGLE)
4 104.75.88.194 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 107.154.251.104 19551 (INCAPSULA)
1 5 34.251.67.138 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 34.246.144.250 16509 (AMAZON-02)
2 15.188.95.229 16509 (AMAZON-02)
1 1 34.248.32.199 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 35.244.174.68 15169 (GOOGLE)
1 23.36.162.16 20940 (AKAMAI-ASN1)
2 3 142.250.186.66 15169 (GOOGLE)
1 104.244.42.67 13414 (TWITTER)
1 35.71.131.137 16509 (AMAZON-02)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
7 7 151.101.66.49 54113 (FASTLY)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 23.35.228.247 16625 (AKAMAI-AS)
1 2 37.252.172.250 29990 (ASN-APPNEX)
1 34.98.64.218 15169 (GOOGLE)
1 185.64.190.80 ()
1 2 185.94.180.125 ()
1 2 18.209.37.226 ()
50 25
Apex Domain
Subdomains
Transfer
17 elancard.com
online1.elancard.com — Cisco Umbrella Rank: 287526
928 KB
8 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 850
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
1 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
usbank.demdex.net — Cisco Umbrella Rank: 14519
9 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 836
183 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
899 B
2 rkdms.com
mid.rkdms.com
71 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
2 KB
2 sdcvisit.com
smetrics.sdcvisit.com — Cisco Umbrella Rank: 68885
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
29 KB
2 globalsiteanalytics.com
globalsiteanalytics.com — Cisco Umbrella Rank: 20816
3 KB
2 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 322
54 KB
1 pubmatic.com
image2.pubmatic.com
225 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 387
275 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
239 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 182
539 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
265 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 516
354 B
1 usbank.com
acxmetrics.usbank.com — Cisco Umbrella Rank: 9458
199 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 321
98 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
297 B
1 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2288
170 KB
1 fonts.net
fast.fonts.net — Cisco Umbrella Rank: 3151
621 B
1 newcardapply.com
www.newcardapply.com
2 KB
1 comerica.com
t12.creditcards.comerica.com
356 B
50 26
Domain Requested by
17 online1.elancard.com 1 redirects www.newcardapply.com
online1.elancard.com
7 sync-tm.everesttech.net 7 redirects
5 dpm.demdex.net 1 redirects online1.elancard.com
4 tags.tiqcdn.com online1.elancard.com
tags.tiqcdn.com
3 cm.g.doubleclick.net 2 redirects
2 mid.rkdms.com 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 ib.adnxs.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 smetrics.sdcvisit.com tags.tiqcdn.com
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 globalsiteanalytics.com online1.elancard.com
2 maps.googleapis.com online1.elancard.com
maps.googleapis.com
1 image2.pubmatic.com
1 us-u.openx.net
1 pixel.rubiconproject.com
1 c.bing.com 1 redirects
1 match.adsrvr.org
1 analytics.twitter.com
1 acxmetrics.usbank.com tags.tiqcdn.com
1 idsync.rlcdn.com online1.elancard.com
1 www.facebook.com online1.elancard.com
1 cm.everesttech.net 1 redirects
1 usbank.demdex.net tags.tiqcdn.com
1 cdn.quantummetric.com tags.tiqcdn.com
1 fast.fonts.net online1.elancard.com
1 www.newcardapply.com
1 t12.creditcards.comerica.com 1 redirects
50 28

This site contains links to these domains. Also see Links.

Domain
www.comerica.com
www.myaccountaccess.com
Subject Issuer Validity Valid
online1.elancard.com
Entrust Certification Authority - L1K
2022-03-22 -
2023-04-21
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA
2022-02-27 -
2023-02-28
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-05 -
2023-06-04
a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-04-01 -
2022-09-30
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-31 -
2022-06-29
3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
smetrics.sdcvisit.com
Entrust Certification Authority - L1K
2020-07-14 -
2022-08-03
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
acxmetrics.usbank.com
Entrust Certification Authority - L1K
2022-01-24 -
2023-02-23
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh

This page contains 2 frames:

Primary Page: https://online1.elancard.com/pdap/directMailApply
Frame ID: 7CCC7A602F2A7895B9368D9385C9174A
Requests: 36 HTTP requests in this frame

Frame: https://usbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 0878C02B5B84D16A0D0ACFE8C05A8368
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Card Application

Page URL History Show full URLs

  1. https://t12.creditcards.comerica.com/r/?id=h13045667,93d1f2c,94b9066&e=cDE9MDc5ODgmcDI9RU1fMjkyODg&s=Snr2mezSj7A9... HTTP 302
    http://www.newcardapply.com/07988?ecid=EM_29288 Page URL
  2. https://online1.elancard.com/oad/begin?applicationType=mail-offer&locationCode=07988&ecid=EM_29288 Page URL
  3. https://online1.elancard.com/pdap/begin HTTP 302
    https://online1.elancard.com/pdap/directMailApply Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • xregexp.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

72 %
HTTPS

21 %
IPv6

26
Domains

28
Subdomains

25
IPs

4
Countries

1383 kB
Transfer

4894 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t12.creditcards.comerica.com/r/?id=h13045667,93d1f2c,94b9066&e=cDE9MDc5ODgmcDI9RU1fMjkyODg&s=Snr2mezSj7A9sT9eTYL3k7LNkXT4kerWUBbk6GGJ9Dk HTTP 302
    http://www.newcardapply.com/07988?ecid=EM_29288 Page URL
  2. https://online1.elancard.com/oad/begin?applicationType=mail-offer&locationCode=07988&ecid=EM_29288 Page URL
  3. https://online1.elancard.com/pdap/begin HTTP 302
    https://online1.elancard.com/pdap/directMailApply Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://t12.creditcards.comerica.com/r/?id=h13045667,93d1f2c,94b9066&e=cDE9MDc5ODgmcDI9RU1fMjkyODg&s=Snr2mezSj7A9sT9eTYL3k7LNkXT4kerWUBbk6GGJ9Dk HTTP 302
  • http://www.newcardapply.com/07988?ecid=EM_29288
Request Chain 23
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1655900594885 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1655900594885
Request Chain 31
  • https://cm.everesttech.net/cm/dd?d_uuid=56482452274690320480013160124316611326 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrMJswAAABesXANn
Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTY0ODI0NTIyNzQ2OTAzMjA0ODAwMTMxNjAxMjQzMTY2MTEzMjY= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTY0ODI0NTIyNzQ2OTAzMjA0ODAwMTMxNjAxMjQzMTY2MTEzMjY=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAAVTYsna-w06lIf90RfLu0&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 40
  • https://c.bing.com/c.gif?uid=56482452274690320480013160124316611326&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=377803B9F4D7629935C61272F5056338
Request Chain 41
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXJNSnN3QUFBQmVzWEFObg==
Request Chain 42
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YrMJswAAABesXANn&expires=90
Request Chain 43
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YrMJswAAABesXANn HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YrMJswAAABesXANn&C=1
Request Chain 44
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YrMJswAAABesXANn HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYrMJswAAABesXANn
Request Chain 45
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrMJswAAABesXANn
Request Chain 46
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrMJswAAABesXANn
Request Chain 47
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YrMJswAAABesXANn&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YrMJswAAABesXANn&img=1&__user_check__=1&sync_id=17e6f368-f226-11ec-853e-15758c630106
Request Chain 48
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=56482452274690320480013160124316611326&_ct=img HTTP 302
  • https://mid.rkdms.com/restricted

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
07988
www.newcardapply.com/
Redirect Chain
  • https://t12.creditcards.comerica.com/r/?id=h13045667,93d1f2c,94b9066&e=cDE9MDc5ODgmcDI9RU1fMjkyODg&s=Snr2mezSj7A9sT9eTYL3k7LNkXT4kerWUBbk6GGJ9Dk
  • http://www.newcardapply.com/07988?ecid=EM_29288
2 KB
2 KB
Document
General
Full URL
http://www.newcardapply.com/07988?ecid=EM_29288
Protocol
HTTP/1.1
Server
170.135.104.110 , United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
1656
Content-Type
text/html
Date
Wed, 22 Jun 2022 12:23:10 GMT
ETag
"73de69f18ad7d51:0"
Last-Modified
Thu, 30 Jan 2020 16:33:03 GMT
Server
Microsoft-IIS/8.5

Redirect headers

content-length
17
content-type
text/plain; charset=utf-8
date
Wed, 22 Jun 2022 12:23:10 GMT
location
http://www.newcardapply.com/07988?ecid=EM_29288
p3p
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
server
Apache
x-robots-tag
noindex
begin
online1.elancard.com/oad/
426 B
2 KB
Document
General
Full URL
https://online1.elancard.com/oad/begin?applicationType=mail-offer&locationCode=07988&ecid=EM_29288
Requested by
Host: www.newcardapply.com
URL: http://www.newcardapply.com/07988?ecid=EM_29288
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
b04d982cb68a62301df932c6ae6df80d7bf99d3a99daaa4af85a5cfc4ceeaf30
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
http://www.newcardapply.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,max-age=0
Content-Encoding
gzip
Content-Language
de-DE
Content-Security-Policy
frame-ancestors 'none'
Content-Type
text/html
Date
Wed, 22 Jun 2022 12:23:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
No-cache
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
DENY
X-Powered-By
X-XSS-Protection
1;mode=block
Primary Request directMailApply
online1.elancard.com/pdap/
Redirect Chain
  • https://online1.elancard.com/pdap/begin
  • https://online1.elancard.com/pdap/directMailApply
16 KB
8 KB
Document
General
Full URL
https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
7f102490d25745c4f9a0fac01b4ddc8ed0308e32493a808971960da3353e7cd0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://online1.elancard.com
Referer
https://online1.elancard.com/oad/begin?applicationType=mail-offer&locationCode=07988&ecid=EM_29288
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,max-age=0
Content-Encoding
gzip
Content-Language
de-DE
Content-Security-Policy
frame-ancestors 'none'
Content-Type
text/html;charset=UTF-8
Date
Wed, 22 Jun 2022 12:23:12 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
X-XSS-Protection
1;mode=block

Redirect headers

Cache-Control
no-cache,no-store,max-age=0
Content-Language
de-DE
Content-Length
0
Content-Security-Policy
frame-ancestors 'none'
Date
Wed, 22 Jun 2022 12:23:12 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://online1.elancard.com/pdap/directMailApply
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Powered-By
X-XSS-Protection
1;mode=block
bootstrap.min.css
online1.elancard.com/pdap/static/css/
213 KB
41 KB
Stylesheet
General
Full URL
https://online1.elancard.com/pdap/static/css/bootstrap.min.css?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
106a97e1bf48b29f54988ca07990afbc239863bb4d974328f9e6d5ad95e9c3a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
text/css
Date
Wed, 22 Jun 2022 12:23:12 GMT
shield.css
online1.elancard.com/pdap/static/css/
110 KB
22 KB
Stylesheet
General
Full URL
https://online1.elancard.com/pdap/static/css/shield.css?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
13abd354c91a4ba04353fd013388a71ea2c27a2f8fd9bedddb5f24d9a2e97d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
text/css
Date
Wed, 22 Jun 2022 12:23:12 GMT
jquery-3.6.0.min.js
online1.elancard.com/pdap/static/js/
87 KB
39 KB
Script
General
Full URL
https://online1.elancard.com/pdap/static/js/jquery-3.6.0.min.js?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
application/javascript
Date
Wed, 22 Jun 2022 12:23:13 GMT
bootstrap.min.js
online1.elancard.com/pdap/static/js/
77 KB
30 KB
Script
General
Full URL
https://online1.elancard.com/pdap/static/js/bootstrap.min.js?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
application/javascript
Date
Wed, 22 Jun 2022 12:23:13 GMT
xregexp-all.js
online1.elancard.com/pdap/static/js/
292 KB
99 KB
Script
General
Full URL
https://online1.elancard.com/pdap/static/js/xregexp-all.js?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
784991249e427928d899553b11c3bc2e1a451d9140d5b7fb5c66e2b3aa9361a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
application/javascript
Date
Wed, 22 Jun 2022 12:23:13 GMT
miscCleanup.js
online1.elancard.com/pdap/static/js/
21 KB
10 KB
Script
General
Full URL
https://online1.elancard.com/pdap/static/js/miscCleanup.js?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
0538da853b89e73f55dde9177ccf35fec4b65a7702498aed137a26b00d0202dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
application/javascript
Date
Wed, 22 Jun 2022 12:23:13 GMT
script2.js
online1.elancard.com/pdap/static/js/
782 B
779 B
Script
General
Full URL
https://online1.elancard.com/pdap/static/js/script2.js?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
0ea207289222384879d6a432dbc7a16d78fb4f15f02ee8a95e80ca1ac6ea38bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
application/javascript
Date
Wed, 22 Jun 2022 12:23:13 GMT
style.css
online1.elancard.com/pdap/static/css/
2 KB
956 B
Stylesheet
General
Full URL
https://online1.elancard.com/pdap/static/css/style.css?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
195fe9824bc9410c28d2a08f18954e5370f5d8034fc8c3a013a0a5f4a3e21c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
text/css
Date
Wed, 22 Jun 2022 12:23:13 GMT
js
maps.googleapis.com/maps/api/
164 KB
54 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyDFzVbE3bW18xuIOAemWQHxXIuyDTciKIg&libraries=places
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
fb0198b96a75cc5ee8d2b418181b49d5dbf002ee8fc5b7e9a0378d909a6f0068
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:13 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=23
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54639
x-xss-protection
0
expires
Wed, 22 Jun 2022 12:53:13 GMT
utag.sync.js
tags.tiqcdn.com/utag/usbank/external/prod/
150 KB
49 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/usbank/external/prod/utag.sync.js
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1be88d6c80cac5c7d7c44a6ce0a7d9b8316256f2087208ab0ceec0fe3a8f94fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:14 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 19:14:45 GMT
server
AkamaiNetStorage
etag
"0e07aa3cbcfc3e37e410aa6e791c747b:1649358884.915904"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Wed, 22 Jun 2022 12:28:14 GMT
mainStyle.css
online1.elancard.com/pdap/static/css/
242 KB
62 KB
Stylesheet
General
Full URL
https://online1.elancard.com/pdap/static/css/mainStyle.css?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
6d02e9e357da063d8d547156fba0ede31134f4b9ed9564d0584d2796d1e9a220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
text/css
Date
Wed, 22 Jun 2022 12:23:13 GMT
vendor.js
online1.elancard.com/pdap/static/js/
994 KB
382 KB
Script
General
Full URL
https://online1.elancard.com/pdap/static/js/vendor.js?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
76c708f3eb30b3aa47fe8715d0e7877181f173eb8fa7ebb737203e2bf50b6149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
application/javascript
Date
Wed, 22 Jun 2022 12:23:13 GMT
pdap-ui.js
online1.elancard.com/pdap/static/js/
648 KB
169 KB
Script
General
Full URL
https://online1.elancard.com/pdap/static/js/pdap-ui.js?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
9392efe941ff55f5b8e57fc28fdc61073d97cf9743b0a5bf76212f30da0f906f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Vary
Accept-Encoding
Content-Language
en-US
X-XSS-Protection
1;mode=block
Transfer-Encoding
chunked
Content-Type
application/javascript
Date
Wed, 22 Jun 2022 12:23:13 GMT
1.css
fast.fonts.net/t/
0
621 B
Stylesheet
General
Full URL
https://fast.fonts.net/t/1.css?apiType=css&projectid=cd38605f-0a87-40cc-9870-8bd4d2826839
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/static/css/shield.css?ver=22.05.239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:14 GMT
cf-cache-status
HIT
age
366765
cf-ray
71f4f4399b8590a3-FRA
content-length
0
x-amz-id-2
TygxUQTJPwygh27EEuwGyI60urL9sBrP2BRHxAldw6ng+Tv2U8VW0zD3W7/VYqbO3S6ypoJaGp0=
last-modified
Tue, 23 Mar 2021 12:59:23 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
NZYHACD7TXR8DFQT
cache-control
public, max-age=0, s-maxage=604800
x-amz-version-id
null
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-meta-mtime
1519217722
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&key=AIzaSyDFzVbE3bW18xuIOAemWQHxXIuyDTciKIg&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://online1.elancard.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
utag.js
tags.tiqcdn.com/utag/usbank/external/prod/
434 KB
126 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bf09f57ddaa72545022405d763c853d2d77c0eb4a352e79060f040751cc09f36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:14 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 19:14:44 GMT
server
AkamaiNetStorage
etag
"3466d9d58d18711d5b3fcf70cf988119:1649358884.502306"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Wed, 22 Jun 2022 12:28:14 GMT
resource.png
globalsiteanalytics.com/resource/
67 B
645 B
XHR
General
Full URL
https://globalsiteanalytics.com/resource/resource.png
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/static/js/miscCleanup.js?ver=22.05.239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.251.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.251.104.ip.incapdns.net
Software
Apache-Coyote/1.1 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:14 GMT
last-modified
Wed, 22 Jun 2022 12:23:14 GMT
server
Apache-Coyote/1.1
content-type
image/png
access-control-allow-origin
*
x-iinfo
15-132064471-130989395 pNNN RT(1655900594567 8) q(0 0 0 0) r(2 2) U5
cache-control
max-age=31536000, private
content-length
67
x-cdn
Imperva
expires
Thu, 22 Jun 2023 12:23:14 GMT
hdim
globalsiteanalytics.com/service/
2 KB
2 KB
XHR
General
Full URL
https://globalsiteanalytics.com/service/hdim
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/static/js/miscCleanup.js?ver=22.05.239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.251.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.251.104.ip.incapdns.net
Software
/
Resource Hash
af26a37d2face01a4f3e4b3acd772a71220623189aebbbad20d5cbfea4bd42e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
x-iinfo
15-132064471-132064474 nNYN RT(1655900594567 9) q(0 0 5 2) r(7 7) U5
date
Wed, 22 Jun 2022 12:23:15 GMT
cache-control
no-cache, no-transform
x-cdn
Imperva
content-encoding
gzip
content-type
text/plain
HelveticaNeueLTStd-Roman.otf
online1.elancard.com/pdap/static/css/fonts/
24 KB
25 KB
Font
General
Full URL
https://online1.elancard.com/pdap/static/css/fonts/HelveticaNeueLTStd-Roman.otf
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/static/css/style.css?ver=22.05.239
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
799f813018e677cc2d55ad86ab17949d95633aef9ec6dd0d3074ec3c94344729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

Referer
https://online1.elancard.com/pdap/static/css/style.css?ver=22.05.239
Origin
https://online1.elancard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Content-Language
en-US
Cache-Control
no-cache="set-cookie, set-cookie2"
Date
Wed, 22 Jun 2022 12:23:13 GMT
Content-Type
application/x-font-otf
Content-Length
24960
X-XSS-Protection
1;mode=block
Expires
Thu, 01 Dec 1994 16:00:00 GMT
HelveticaNeueLTStd-Bd.otf
online1.elancard.com/pdap/static/css/fonts/
25 KB
26 KB
Font
General
Full URL
https://online1.elancard.com/pdap/static/css/fonts/HelveticaNeueLTStd-Bd.otf
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/static/css/style.css?ver=22.05.239
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
93b1868abe369ceb44c8a50eec608128f4c96de294460786dcbf0deb614edc04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

Referer
https://online1.elancard.com/pdap/static/css/style.css?ver=22.05.239
Origin
https://online1.elancard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 03 Jun 2022 18:34:38 GMT
Server
X-Powered-By
Content-Language
en-US
Cache-Control
no-cache="set-cookie, set-cookie2"
Date
Wed, 22 Jun 2022 12:23:13 GMT
Content-Type
application/x-font-otf
Content-Length
25768
X-XSS-Protection
1;mode=block
Expires
Thu, 01 Dec 1994 16:00:00 GMT
7987.png
online1.elancard.com/pdap/teamsite/decisioning/elan/images/partner-logos/
11 KB
11 KB
Image
General
Full URL
https://online1.elancard.com/pdap/teamsite/decisioning/elan/images/partner-logos/7987.png
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
170.135.184.54 Owensboro, United States, ASN3147 (US-BANCORP, US),
Reverse DNS
Software
/
Resource Hash
571824efc0b8850ba4e8c38124e192f292faf1598083489317f1a52d93190724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/pdap/directMailApply
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Sun, 02 Feb 2020 20:07:11 GMT
Server
X-Powered-By
Content-Language
en-US
Date
Wed, 22 Jun 2022 12:23:13 GMT
Content-Type
image/png
Content-Length
10792
X-XSS-Protection
1;mode=block
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1655900594885
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1655900594885
3 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1655900594885
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Server
34.251.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-67-138.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cb4cb7a2ffe25e7a612ce64e705b4680957ccc1f38dd31ab5bfd2db13f850437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-020703e21.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
qgiqqHBCSwg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://online1.elancard.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1152
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v034-08fac1c2a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://online1.elancard.com
X-TID
qgnFDYOsSz0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1655900594885
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
quantum-usbank.js
cdn.quantummetric.com/qscripts/
1 MB
170 KB
Script
General
Full URL
https://cdn.quantummetric.com/qscripts/quantum-usbank.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c294552118bf28eeb59c604fb77871b5691e9cecbbdd56afb94f711ed56b6f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:14 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
282
etag
W/"165583837848016548048971031655884807881"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000
cf-ray
71f4f43e5bf291db-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utag.64.js
tags.tiqcdn.com/utag/usbank/external/prod/
21 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/usbank/external/prod/utag.64.js?utv=ut4.46.202010291831
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
52385f14fb39cc1d62181b18787657599fac8696a19e2d286f8784193bfece26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:14 GMT
content-encoding
gzip
last-modified
Thu, 29 Oct 2020 18:35:24 GMT
server
AkamaiNetStorage
etag
"8ff8cafe2c156f84ada7b8e3dbe5a6db:1603996524.430001"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6830
expires
Thu, 07 Jul 2022 12:23:14 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=usbank/external/202204071914&cb=1655900594908
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:14 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 22 Jun 2022 12:33:14 GMT
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
FI18u/lBiT6k2Htv8LiI7Rxj44YKQsfruT5MZtfHq24vHZMs+8GSNsi5v2ZJaqbIy2KWV1RoGtOnqH4LeA8haw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 22 Jun 2022 12:23:14 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
59
connect.facebook.net/signals/config/
5 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/59?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
810fda6e40a374553e6f4754ff8f10da654ca5ae8a3b3bfa5a0ff0838d2dfe1c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ixVkixU6RlC5D27DOF8wOu/NQXxpU34hVWl7I2NAPEWgmgi/CcWRM23LH6Gn9g/brr+znXxJia8LCtRxaxOY2g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 22 Jun 2022 12:23:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655900595006
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dest5.html
usbank.demdex.net/ Frame 0878
7 KB
3 KB
Document
General
Full URL
https://usbank.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.144.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-144-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://online1.elancard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v034-017443be0.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
2rErmJi8RIQ=
content-encoding
gzip
date
Wed, 22 Jun 2022 12:23:15 GMT
last-modified
Wed, 8 Jun 2022 12:46:11 GMT
vary
accept-encoding
id
smetrics.sdcvisit.com/
48 B
511 B
XHR
General
Full URL
https://smetrics.sdcvisit.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=675616D751E567410A490D4C%40AdobeOrg&mid=56247371816910552720018943079979529254&ts=1655900595115
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
ad0a474253cc80db2e5b601ad756f8a972d59b1d0182a8fd47fe49329d3b4727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://online1.elancard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Jun 2022 12:23:15 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-b974f6d7-5c5fk
vary
Origin
x-c
main-1655.I545bee.M0-581
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://online1.elancard.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YrMJswAAABesXANn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=56482452274690320480013160124316611326
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrMJswAAABesXANn
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrMJswAAABesXANn
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
HTTP/1.1
Server
34.251.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-67-138.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-0618c3017.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
j7TcYwfcQU8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrMJswAAABesXANn
Date
Wed, 22 Jun 2022 12:23:15 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=59&ev=PageView&dl=https%3A%2F%2Fonline1.elancard.com%2Fpdap%2FdirectMailApply&rl=https%3A%2F%2Fonline1.elancard.com%2Foad%2Fbegin%3FapplicationType%3Dmail-offer%26locationCode%3D07988%26ecid%3DEM_29288&if=false&ts=1655900595125&sw=1600&sh=1200&v=2.9.62&r=stable&a=tmtealium&ec=0&o=28&it=1655900594962&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&exp=p0&rqm=GET
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 22 Jun 2022 12:23:15 GMT
s41801555807043
smetrics.sdcvisit.com/b/ss/micrositeprod/10/JS-2.18.0/
3 KB
3 KB
Script
General
Full URL
https://smetrics.sdcvisit.com/b/ss/micrositeprod/10/JS-2.18.0/s41801555807043?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=22%2F5%2F2022%2012%3A23%3A15%203%200&d.&nsid=0&jsonv=1&.d&sdid=2CF21E6C23D30247-4DCCD35B5A593878&mid=56247371816910552720018943079979529254&aamlh=6&ce=UTF-8&pageName=pdap%3Abusiness%3Amail%20offer&g=https%3A%2F%2Fonline1.elancard.com%2Fpdap%2FdirectMailApply&r=https%3A%2F%2Fonline1.elancard.com%2Foad%2Fbegin%3FapplicationType%3Dmail-offer%26locationCode%3D07988%26ecid%3DEM_29288&c.&vidAPICheck=VisitorAPI%20Present&et_dimensions=1600x1200&et_width=1600&et_orientation=landscape&EVENTS=event17%2Cevent11%2Cevent15%2C&.c&cc=USD&v0=EM_29288&events=event17%2Cevent11%2Cevent15&products=%3Bundefined&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=application&c2=pdap_oad&c3=D%3Dv3&v3=New&c4=7%3A15AM&c6=Wednesday&c7=6%2F22%2F2022&v9=prospect&c14=D%3Dg&v15=individual&c18=First%20Visit&c19=1&c24=pdap%3Adirectmailapply&c25=Correspondent%20Financial%20Institution&v26=b2388a23-9c8a-45bd-ad36-4e0230c41b18&c28=Customer&c29=https%3A%2F%2Fonline1.elancard.com%2Fpdap%2FdirectMailApply&v35=D%3DpageName&v36=EM_29288&v37=D%3DUser-Agent&c40=PDAP&v40=D%3Dc2&v43=7988&v44=COMERICA%20BANK&c50=baseCore%7CAM_2.18.0%7C02.20.2020%7CVid_4.4.0%20Tealium&v52=PDAP_OAD&v65=505084&v90=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=675616D751E567410A490D4C%40AdobeOrg&AQE=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
8ed085681cd2144276d9c35fae517122fe69f9c164747dc5974a7fc467797e39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-aam-tid
yTceUsaNS2o=
date
Wed, 22 Jun 2022 12:23:15 GMT
x-content-type-options
nosniff
x-c
main-1655.I545bee.M0-581
p3p
CP="This is not a P3P policy"
vary
*
content-length
3118
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v034-079d20855.edge-irl1.demdex.com UNKNOWN
pragma
no-cache
last-modified
Thu, 23 Jun 2022 12:23:15 GMT
server
jag
xserver
anedge-b974f6d7-bw24k
etag
3556019452259827712-4619863380626589159
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 21 Jun 2022 12:23:15 GMT
365868.gif
idsync.rlcdn.com/ Frame 0878
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=56482452274690320480013160124316611326
Requested by
Host: online1.elancard.com
URL: https://online1.elancard.com/pdap/directMailApply
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tc.dhj
acxmetrics.usbank.com/1/d/
0
199 B
Script
General
Full URL
https://acxmetrics.usbank.com/1/d/tc.dhj?cls=A&dmn=online1.elancard.com&evid=1655900595369
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/prod/utag.js?ver=22.05.239
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://online1.elancard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 22 Jun 2022 12:23:15 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Wed, 22 Jun 2022 13:23:15 GMT
ibs:dpid=771&dpuuid=CAESEAAVTYsna-w06lIf90RfLu0&google_cver=1
dpm.demdex.net/ Frame 0878
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTY0ODI0NTIyNzQ2OTAzMjA0ODAwMTMxNjAxMjQzMTY2MTEzMjY=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTY0ODI0NTIyNzQ2OTAzMjA0ODAwMTMxNjAxMjQzMTY2MTEzMjY=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAAVTYsna-w06lIf90RfLu0&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAAVTYsna-w06lIf90RfLu0&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.251.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-67-138.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-01d60a932.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KKIqs+MuT68=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAAVTYsna-w06lIf90RfLu0&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c3270333-716f-4100-b2a2-c93a4b092dbe
https://online1.elancard.com/
17 KB
0
Other
General
Full URL
blob:https://online1.elancard.com/c3270333-716f-4100-b2a2-c93a4b092dbe
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b939eec497bda2f6fde6541be0e8b378d151160ad677629c9b4be7819ce0ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
17224
Content-Type
application/javascript
adsct
analytics.twitter.com/i/ Frame 0878
43 B
354 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=56482452274690320480013160124316611326&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
116
date
Wed, 22 Jun 2022 12:23:15 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ceaa4fd4510b1190cc21d67d430484d312defefde4a91b412075a7628f8f36f0
content-length
43
generic
match.adsrvr.org/track/cmf/ Frame 0878
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=1957&dpuuid=377803B9F4D7629935C61272F5056338
dpm.demdex.net/ Frame 0878
Redirect Chain
  • https://c.bing.com/c.gif?uid=56482452274690320480013160124316611326&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=377803B9F4D7629935C61272F5056338
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=377803B9F4D7629935C61272F5056338
Protocol
HTTP/1.1
Server
34.251.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-67-138.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-0d5abbf78.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
LE05QxYoQ2k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AEB99CA7FD5F4E6FBEFEE5FB05BAF2D5 Ref B: FRAEDGE1216 Ref C: 2022-06-22T12:23:15Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=377803B9F4D7629935C61272F5056338
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0878
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXJNSnN3QUFBQmVzWEFObg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXJNSnN3QUFBQmVzWEFObg==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1655900596.850429,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXJNSnN3QUFBQmVzWEFObg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 0878
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YrMJswAAABesXANn&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YrMJswAAABesXANn&expires=90
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1655900596.922415,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YrMJswAAABesXANn&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 0878
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YrMJswAAABesXANn
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YrMJswAAABesXANn&C=1
43 B
783 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YrMJswAAABesXANn&C=1
Protocol
HTTP/1.1
Server
23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Jun 2022 12:23:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Jun 2022 12:23:16 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Jun 2022 12:23:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=88&external_user_id=YrMJswAAABesXANn&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Wed, 22 Jun 2022 12:23:16 GMT
bounce
ib.adnxs.com/ Frame 0878
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YrMJswAAABesXANn
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYrMJswAAABesXANn
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYrMJswAAABesXANn
Protocol
HTTP/1.1
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Jun 2022 12:23:16 GMT
X-Proxy-Origin
185.213.155.177; 185.213.155.177; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4e3c2697-99cf-4308-81da-1afdc5e1a205
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Jun 2022 12:23:16 GMT
X-Proxy-Origin
185.213.155.177; 185.213.155.177; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
45879b6c-8280-487c-9f38-fd72b1f6ce08
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYrMJswAAABesXANn
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0878
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrMJswAAABesXANn
43 B
275 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrMJswAAABesXANn
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:16 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1655900596.239027,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrMJswAAABesXANn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 0878
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrMJswAAABesXANn
0
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrMJswAAABesXANn
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:23:16 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Wed, 22 Jun 2022 12:23:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1655900596.326845,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrMJswAAABesXANn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 0878
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YrMJswAAABesXANn&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YrMJswAAABesXANn&img=1&__user_check__=1&sync_id=17e6f368-f226-11ec-853e-15758c630106
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YrMJswAAABesXANn&img=1&__user_check__=1&sync_id=17e6f368-f226-11ec-853e-15758c630106
Protocol
HTTP/1.1
Server
185.94.180.125 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 22 Jun 2022 12:23:16 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
44
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 22 Jun 2022 12:23:16 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YrMJswAAABesXANn&img=1&__user_check__=1&sync_id=17e6f368-f226-11ec-853e-15758c630106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
82
Connection
keep-alive
Content-Length
0
restricted
mid.rkdms.com/ Frame 0878
Redirect Chain
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=56482452274690320480013160124316611326&_ct=img
  • https://mid.rkdms.com/restricted
0
0
Image
General
Full URL
https://mid.rkdms.com/restricted
Protocol
H2
Server
18.209.37.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://usbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

location
/restricted
date
Wed, 22 Jun 2022 12:23:16 GMT
server
nginx
content-length
0

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| bootstrap object| __core-js_shared__ function| XRegExp object| usb function| checkSpouseSectionRequired object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| jsonData function| e object| reportingData object| webpackJsonpreact-seed function| openWindow function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ boolean| statelessConnectionFlag string| ENV_TYPE function| endPDAPSession function| disablePDAPSession boolean| utag_condload object| Utagger object| utag_data object| trackObj string| icid string| ecid object| utag object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement object| utag_cfg_ovrd object| publisherFW string| txt object| cookieArray boolean| isSetCampaign object| pagereload object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor object| __TEALIUM function| targetPageParamsAll function| targetPageParams number| s_objectID number| s_giq function| fbq function| _fbq function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| qmWaitForEventData boolean| qmStorageAvail function| createSample function| evalSelector function| qmSetCookie function| toLowerCase function| qmGetValFromDL function| qmFindObject function| consoleError function| QuantumMetricConfigureEncryptScrubList function| DIL string| mid string| apptype string| aid string| riblpid string| j string| f0 string| s_tnt object| s_i_micrositeprod object| usbData object| rTag function| qmGetActiveEncryptionRules function| qmflate function| _QuantumMetricSymbol

29 Cookies

Domain/Path Name / Value
online1.elancard.com/pdap Name: pageReload
Value: true
online1.elancard.com/pdap Name: ecid
Value: EM_29288
.comerica.com/ Name: AMCV_675616D751E567410A490D4C%40AdobeOrg
Value: MCMID%7C27873586644464394073363906342845677567
.comerica.com/ Name: nlid
Value: 13045667|93d1f2c
online1.elancard.com/ Name: SameSite
Value: None
online1.elancard.com/ Name: JSESSIONID
Value: 00002XMV0sGfKxmbSekp76G-Vy5:1amc9n87d
online1.elancard.com/ Name: ELANCARD
Value: 2446230026.63785.0000
.fonts.net/ Name: __cf_bm
Value: V_hOIncp6CH7yH1KZ2ljeiebyEfhRTz10lCymDh64tg-1655900594-0-AVlWiiEIKnGTz374Qhi3AHIZtSTMdLIgeJNdjSnNfB1ey5GJHfoJmV+dsMPtntwi5ZBrBgy2oRdFazce3bYo1vM=
.elancard.com/ Name: utag_main
Value: v_id:01818b5de2bb002b850a0ff0ce7403073003106b00b08$_sn:1$_se:1$_ss:1$_st:1655902394876$ses_id:1655900594876%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:elancard.com
online1.elancard.com/ Name: ADRUM_BTa
Value: R:68|g:6fc74150-caff-41c8-80e3-813ab9b8d837|n:USBANK_351d091f-c3a8-4779-a0da-4a53785ebec3
.demdex.net/ Name: demdex
Value: 56482452274690320480013160124316611326
.elancard.com/ Name: AMCVS_675616D751E567410A490D4C%40AdobeOrg
Value: 1
.elancard.com/ Name: lastField
Value: no%20field%20clicked
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YrMJswAAABesXANn
.elancard.com/ Name: s_pers
Value: %20s_ev36%3D%255B%255B%2527EM_29288%2527%252C%25271655900595264%2527%255D%255D%7C1813666995264%3B%20s_lv%3D1655900595265%7C1750508595265%3B%20s_lv_s%3DFirst%2520Visit%7C1655902395265%3B%20s_nr%3D1655900595268-New%7C1828700595268%3B%20s_vnum%3D1828700595291%2526vn%253D1%7C1828700595291%3B%20s_invisit%3Dtrue%7C1655902395291%3B%20sc_visit_start%3D1%7C1655902395300%3B%20s_visitStart%3D1%7C1655902395302%3B%20s_prevPage%3Dpdap%253Abusiness%253Amail%2520offer%7C1655902395303%3B
.elancard.com/ Name: s_sess
Value: %20s_campaign%3DEM_29288%3B%20s_cpc%3D1%3B%20s_cc%3Dtrue%3B
.dpm.demdex.net/ Name: dpm
Value: 56482452274690320480013160124316611326
.elancard.com/ Name: AMCV_675616D751E567410A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19166%7CMCMID%7C56247371816910552720018943079979529254%7CMCAAMLH-1656505395%7C6%7CMCAAMB-1656505395%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1655907795s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19173%7CvVersion%7C4.4.0
.online1.elancard.com/ Name: aam_uuid
Value: 56482452274690320480013160124316611326
.doubleclick.net/ Name: IDE
Value: AHWqTUneaQWDeiNMZW8QtiyQjsa-19yOGHIpi5pJ8Y8JEfMgWm3V8KLiB7zc4Htz628
.twitter.com/ Name: personalization_id
Value: "v1_2haLcN+Scl55TBP06R5WcA=="
.bing.com/ Name: MUID
Value: 377803B9F4D7629935C61272F5056338
.casalemedia.com/ Name: CMID
Value: YrMJtGhREs3qRJqckgLJywAA
.casalemedia.com/ Name: CMPS
Value: 3277
.casalemedia.com/ Name: CMPRO
Value: 3277
.adnxs.com/ Name: uuid2
Value: 2091950522494826596
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2Il_kt7LH!]tbPl1MwL(!R7qUY$+H^C/dWYWJWdG5su'Cd8)!fd1OZ<QG=%9sk?bIRwi:w9Ld1ijD:-TWBCu(lOfM!x%vb*ShBf
.demdex.net/ Name: dextp
Value: 60-1-1655900595314|771-1-1655900595414|1123-1-1655900595515|903-1-1655900595616|1957-1-1655900595717|144230-1-1655900595818|144231-1-1655900595918|144232-1-1655900596019|144233-1-1655900596120|144234-1-1655900596222|144235-1-1655900596323|144236-1-1655900596423|129099-1-1655900596524
.spotxchange.com/ Name: audience
Value: 17e6f32b-f226-11ec-853e-15758c630106

1 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=56482452274690320480013160124316611326
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acxmetrics.usbank.com
analytics.twitter.com
c.bing.com
cdn.quantummetric.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
fast.fonts.net
globalsiteanalytics.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
maps.googleapis.com
match.adsrvr.org
mid.rkdms.com
online1.elancard.com
pixel.rubiconproject.com
smetrics.sdcvisit.com
sync-tm.everesttech.net
sync.search.spotxchange.com
t12.creditcards.comerica.com
tags.tiqcdn.com
us-u.openx.net
usbank.demdex.net
www.facebook.com
www.newcardapply.com
104.244.42.67
104.75.88.194
107.154.251.104
142.250.186.66
15.188.95.229
151.101.66.49
170.135.104.110
170.135.184.54
18.209.37.226
185.64.190.80
185.94.180.125
23.35.228.247
23.36.162.16
2606:4700:10::6816:35fc
2606:4700::6811:e14e
2620:1ec:c11::200
2a00:1450:4001:82f::200a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.246.144.250
34.248.32.199
34.251.67.138
34.98.64.218
35.244.174.68
35.71.131.137
37.252.172.250
54.212.154.153
69.173.144.165
0538da853b89e73f55dde9177ccf35fec4b65a7702498aed137a26b00d0202dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea207289222384879d6a432dbc7a16d78fb4f15f02ee8a95e80ca1ac6ea38bc
106a97e1bf48b29f54988ca07990afbc239863bb4d974328f9e6d5ad95e9c3a4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13abd354c91a4ba04353fd013388a71ea2c27a2f8fd9bedddb5f24d9a2e97d6b
195fe9824bc9410c28d2a08f18954e5370f5d8034fc8c3a013a0a5f4a3e21c9d
1be88d6c80cac5c7d7c44a6ce0a7d9b8316256f2087208ab0ceec0fe3a8f94fa
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52385f14fb39cc1d62181b18787657599fac8696a19e2d286f8784193bfece26
571824efc0b8850ba4e8c38124e192f292faf1598083489317f1a52d93190724
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
6b939eec497bda2f6fde6541be0e8b378d151160ad677629c9b4be7819ce0ba8
6d02e9e357da063d8d547156fba0ede31134f4b9ed9564d0584d2796d1e9a220
76c708f3eb30b3aa47fe8715d0e7877181f173eb8fa7ebb737203e2bf50b6149
784991249e427928d899553b11c3bc2e1a451d9140d5b7fb5c66e2b3aa9361a2
799f813018e677cc2d55ad86ab17949d95633aef9ec6dd0d3074ec3c94344729
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f102490d25745c4f9a0fac01b4ddc8ed0308e32493a808971960da3353e7cd0
810fda6e40a374553e6f4754ff8f10da654ca5ae8a3b3bfa5a0ff0838d2dfe1c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed085681cd2144276d9c35fae517122fe69f9c164747dc5974a7fc467797e39
9392efe941ff55f5b8e57fc28fdc61073d97cf9743b0a5bf76212f30da0f906f
93b1868abe369ceb44c8a50eec608128f4c96de294460786dcbf0deb614edc04
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0a474253cc80db2e5b601ad756f8a972d59b1d0182a8fd47fe49329d3b4727
af26a37d2face01a4f3e4b3acd772a71220623189aebbbad20d5cbfea4bd42e2
b04d982cb68a62301df932c6ae6df80d7bf99d3a99daaa4af85a5cfc4ceeaf30
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf09f57ddaa72545022405d763c853d2d77c0eb4a352e79060f040751cc09f36
c294552118bf28eeb59c604fb77871b5691e9cecbbdd56afb94f711ed56b6f44
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb4cb7a2ffe25e7a612ce64e705b4680957ccc1f38dd31ab5bfd2db13f850437
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb0198b96a75cc5ee8d2b418181b49d5dbf002ee8fc5b7e9a0378d909a6f0068
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e