usbankwinterwhiteoutsweeps.gmrpreprod.com
3.21.65.210  Public Scan

URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Submission: On November 12 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 25 HTTP transactions. The main IP is 3.21.65.210, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is usbankwinterwhiteoutsweeps.gmrpreprod.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 17th 2024. Valid for: a year.
This is the only time usbankwinterwhiteoutsweeps.gmrpreprod.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 3.21.65.210 16509 (AMAZON-02)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.203.70.159 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.99 15169 (GOOGLE)
25 6
Apex Domain  Subdomains  Transfer
12 gmrpreprod.com  usbankwinterwhiteoutsweeps.gmrpreprod.com  471 KB
8 cdn-cookieyes.com  cdn-cookieyes.com — Cisco Umbrella Rank: 7776  77 KB
2 cookieyes.com  log.cookieyes.com — Cisco Umbrella Rank: 8523  437 B
1 gstatic.com  fonts.gstatic.com  50 KB
1 googleapis.com  fonts.googleapis.com — Cisco Umbrella Rank: 55  1 KB
1 googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 64  107 KB
25 6
Domain Requested by
12 usbankwinterwhiteoutsweeps.gmrpreprod.com usbankwinterwhiteoutsweeps.gmrpreprod.com
8 cdn-cookieyes.com usbankwinterwhiteoutsweeps.gmrpreprod.com, cdn-cookieyes.com
2 log.cookieyes.com cdn-cookieyes.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com usbankwinterwhiteoutsweeps.gmrpreprod.com
1 www.googletagmanager.com usbankwinterwhiteoutsweeps.gmrpreprod.com
25 6

This site contains links to these domains.

Domain
www.cookieyes.com
therulespage.com
www.usbank.com

Subject  Issuer  Validity  Valid
*.gmrpreprod.com  Amazon RSA 2048 M02  2024-06-17 - 2025-07-16  a year
cdn-cookieyes.com  WE1  2024-09-22 - 2024-12-21  3 months
*.google-analytics.com  WR2  2024-10-21 - 2025-01-13  3 months
log.cookieyes.com  Amazon RSA 2048 M02  2024-03-26 - 2025-04-25  a year
upload.video.google.com  WR2  2024-10-21 - 2025-01-13  3 months
*.gstatic.com  WR2  2024-10-21 - 2025-01-13  3 months

This page contains 1 frames:

Primary Page: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Frame ID: 9B590C1C20D1B9DFCCB3DDE8273604D0
Requests: 25 HTTP requests in this frame

Page Title

U.S. Bank Winter Whiteout Sweepstakes

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

706 kB
Transfer

1082 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
usbankwinterwhiteoutsweeps.gmrpreprod.com/
13 KB
13 KB
Document
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e0ffde9ffe6485194c97f9a407d97484cfa89d70c48ebac05daef2e7fcca5e90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 21:56:25 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
script.js
cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/
96 KB
34 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/script.js
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252eb8a2ae251bd65095c6d0cadd3d64ac0c35b39db95b57b7d6772b5e7ccdfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
"17f88-626577994de1b-gzip"
age
441550
access-control-allow-methods
GET, OPTIONS
cf-ray
8e19c59cd92ed384-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
34146
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 19:16:44 GMT
vary
Accept-Encoding
server
cloudflare
index.css
usbankwinterwhiteoutsweeps.gmrpreprod.com/css/
9 KB
9 KB
Stylesheet
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/css/index.css
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ffd908bbef97ac7804028b41e51c054e5c6127ea28a47ed1f6c2c257c1c11a8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db1022ec7b752b"
accept-ranges
bytes
content-length
9003
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 14:46:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
js
www.googletagmanager.com/gtag/
322 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CKG2KD2MZJ
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12342f28d6d7c5e8518b65e8cae06b935eb6e6f027c37dfbb5f1641b61a2541d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 12 Nov 2024 21:56:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109368
x-xss-protection
0
server
Google Tag Manager
logo-lockup.png
usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/images/
48 KB
48 KB
Image
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/images/logo-lockup.png
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
378953b9731b3394fb44c0b0d8bbe619dbde267176008b3b5aa3fb1ba3246956

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db0a0aaf0780c8"
accept-ranges
bytes
content-length
49096
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
image/png
last-modified
Wed, 18 Sep 2024 20:38:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
hero-img.jpg
usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/images/
194 KB
195 KB
Image
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/images/hero-img.jpg
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b8455fe5111df80a4f8ce64dfcecd12d0c6ce439f61a8e66d0a401a89c3ec101

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db1022e1c3c9cf"
accept-ranges
bytes
content-length
198863
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
image/jpeg
last-modified
Thu, 26 Sep 2024 14:46:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
checkmark.png
usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/images/
7 KB
7 KB
Image
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/images/checkmark.png
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92ebb19cf1ad1fe2f6836a96d5132b0e3611acd0de04935288aaa639a91a556c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db0a0aaf072491"
accept-ranges
bytes
content-length
7057
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
image/png
last-modified
Wed, 18 Sep 2024 20:38:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
jquery.min.js
usbankwinterwhiteoutsweeps.gmrpreprod.com/lib/jquery/dist/
87 KB
88 KB
Script
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/lib/jquery/dist/jquery.min.js
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db09e3e4e5a09f"
accept-ranges
bytes
content-length
89503
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
text/javascript
last-modified
Wed, 18 Sep 2024 16:00:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
jquery.validate.min.js
usbankwinterwhiteoutsweeps.gmrpreprod.com/lib/jquery-validation/dist/
24 KB
24 KB
Script
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/lib/jquery-validation/dist/jquery.validate.min.js
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db09e3e4e49d1c"
accept-ranges
bytes
content-length
24604
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
text/javascript
last-modified
Wed, 18 Sep 2024 16:00:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
jquery.validate.unobtrusive.min.js
usbankwinterwhiteoutsweeps.gmrpreprod.com/lib/jquery-validation-unobtrusive/
6 KB
6 KB
Script
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db09e3e4e4ebc7"
accept-ranges
bytes
content-length
5831
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
text/javascript
last-modified
Wed, 18 Sep 2024 16:00:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
site.js
usbankwinterwhiteoutsweeps.gmrpreprod.com/js/
6 KB
7 KB
Script
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/js/site.js
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a5279dfd983de80d0bbc5a30fec119df55beee93c2b1e0f5572d6b7843766a67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db14c987fc5a7e"
accept-ranges
bytes
content-length
6526
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
text/javascript
last-modified
Wed, 02 Oct 2024 12:49:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
log
log.cookieyes.com/api/v1/
2 B
219 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.70.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-70-159.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryUwhVucMM5B0MSw6a
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

x-robots-tag
noindex, nofollow
link
<https://www.cookieyes.com>; rel="canonical"
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin
*
content-length
2
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
banner.js
cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/
101 KB
33 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/banner.js
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c772d3331a3c1d64be23749f7470955c0e2c3b3136622f5e47a97bcb278a7643

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
"19294-626577994de1b-gzip"
age
441549
access-control-allow-methods
GET, OPTIONS
cf-ray
8e19c59e2c03d384-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
33688
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 19:16:44 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebe238b612fb9dfb960d008542d36093fcc2faa2089cf25146976b9c5325dc9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 21:56:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 12 Nov 2024 21:11:47 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
U.S.BankCircularWeb-Regular.woff2
usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/fonts/
67 KB
68 KB
Font
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/fonts/U.S.BankCircularWeb-Regular.woff2
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
79ca97d1e5674e78e82c9217f3c606e117a44b2fb00a067b1143e0b8d72f0dc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://usbankwinterwhiteoutsweeps.gmrpreprod.com
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/css/index.css

Response headers

etag
"1db0a0aaf0632ef"
accept-ranges
bytes
content-length
69103
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
font/woff2
last-modified
Wed, 18 Sep 2024 20:38:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
select-arrow.png
usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/assets/images/select-arrow.png
Requested by
Host: usbankwinterwhiteoutsweeps.gmrpreprod.com
URL: https://usbankwinterwhiteoutsweeps.gmrpreprod.com/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
80835ca035532b39dba22488b696398fd387a4dcd9c006334c3219234413cdc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/css/index.css

Response headers

etag
"1db1022e1c0c92a"
accept-ranges
bytes
content-length
2090
date
Tue, 12 Nov 2024 21:56:25 GMT
content-type
image/png
last-modified
Thu, 26 Sep 2024 14:46:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://usbankwinterwhiteoutsweeps.gmrpreprod.com
Referer
https://fonts.googleapis.com/

Response headers

age
539671
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 16:01:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:01:55 GMT
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
51404
x-xss-protection
0
server
sffe
VCkJ255b.json
cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/
44 B
337 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/VCkJ255b.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea426ffb79063a1501038834ae41d711eb0d2ed891cce934fe4a167f010e9881

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2c-626577994ce7b"
age
441576
access-control-allow-methods
GET, OPTIONS
cf-ray
8e19c5a0b862d39d-FRA
access-control-allow-origin
*
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 07 Nov 2024 19:16:44 GMT
favicon.ico
usbankwinterwhiteoutsweeps.gmrpreprod.com/
4 KB
4 KB
Other
General
Full URL
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.21.65.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-65-210.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ee6fbdfc91a951ee1064ed3fd125f8628f1ca9e9c0b2ef92e71a5c11849e41c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

etag
"1db0a0aaf072fbe"
accept-ranges
bytes
content-length
4286
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
image/x-icon
last-modified
Wed, 18 Sep 2024 20:38:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
QB-s2MVy.json
cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/config/
31 KB
5 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/config/QB-s2MVy.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3490a641df5422bda5ffb752907c370e0d5bb3adab1de38fb43e93c6e09b117

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"7dde-626577994de1b"
age
441575
access-control-allow-methods
GET, OPTIONS
cf-ray
8e19c5a118f2d39d-FRA
access-control-allow-origin
*
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 07 Nov 2024 19:16:44 GMT
tnReK43S.json
cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/translations/
2 KB
814 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/translations/tnReK43S.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f105b1c4147ad1cc199000ccaaf4541d38a9ac48401d50026b1a60d8cc750d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6ef-626577994de1b"
age
441575
access-control-allow-methods
GET, OPTIONS
cf-ray
8e19c5a17988d39d-FRA
access-control-allow-origin
*
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 07 Nov 2024 19:16:44 GMT
l-DBkRiM.json
cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/audit-table/
2 KB
1000 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/audit-table/l-DBkRiM.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7455ac720258b8ac527e9c57e55ea0faa8067273dbac9f62e4bb3e7601440fbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"955-626577994ce7b"
age
441575
access-control-allow-methods
GET, OPTIONS
cf-ray
8e19c5a1ca1ad39d-FRA
access-control-allow-origin
*
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 07 Nov 2024 19:16:44 GMT
close.svg
cdn-cookieyes.com/assets/images/
1 KB
841 B
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

cache-control
max-age=0, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"541-5da3a66c769d4"
age
349168
cf-ray
8e19c5a21cf0d384-FRA
access-control-allow-origin
*
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 15 Mar 2022 04:40:50 GMT
poweredbtcky.svg
cdn-cookieyes.com/assets/images/
4 KB
2 KB
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

cache-control
max-age=0, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"eb2-5da3a68c50d09"
age
321223
cf-ray
8e19c5a21cf2d384-FRA
access-control-allow-origin
*
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 15 Mar 2022 04:41:24 GMT
log
log.cookieyes.com/api/v1/
2 B
218 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/87af8a2eea780217d19b251d/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.70.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-70-159.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary897rBZj3djm6Kwqx
Referer
https://usbankwinterwhiteoutsweeps.gmrpreprod.com/

Response headers

x-robots-tag
noindex, nofollow
link
<https://www.cookieyes.com>; rel="canonical"
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin
*
content-length
2
date
Tue, 12 Nov 2024 21:56:26 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| cookieyes
  • function| gtag
  • object| dataLayer
  • object| regeneratorRuntime
  • function| revisitCkyConsent
  • function| performBannerAction
  • function| getCkyConsent
  • function| $
  • function| jQuery

1 Cookies

Domain/Path Name / Value
usbankwinterwhiteoutsweeps.gmrpreprod.com/ Name: cookieyes-consent
Value: consentid:MXprb3BjcFY5UU9BSm5CengweDNuMmFCdW9XRUxib3g,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
