www.americanbanker.com Open in urlscan Pro
143.204.98.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5t...
Effective URL:
https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsle...
Submission: On March 17 via api (March 17th 2022, 3:48:44 am UTC) from SG — Scanned from DE

Summary HTTP 219 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 63 IPs in 6 countries across 43 domains to perform 219 HTTP transactions. The main IP is 143.204.98.6, located in United States and belongs to AMAZON-02, US. The main domain is www.americanbanker.com. The Cisco Umbrella rank of the primary domain is 250517.
TLS certificate: Issued by Amazon on February 21st 2022. Valid for: a year.

This is the only time www.americanbanker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	143.204.98.6 143.204.98.6	16509 (AMAZON-02) (AMAZON-02)
6	18.66.248.35 18.66.248.35	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.25 143.204.98.25	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:bf95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.113.122 99.86.113.122	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	52.45.201.131 52.45.201.131	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	185.167.164.51 185.167.164.51	198622 (ADFORM) (ADFORM)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
2	52.31.189.28 52.31.189.28	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.222 143.204.101.222	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	143.204.98.65 143.204.98.65	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2600:9000:215... 2600:9000:2156:a800:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:fb:... 2a02:26f0:fb:5a0::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.245.59 18.66.245.59	16509 (AMAZON-02) (AMAZON-02)
2 6	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.230.94.213 34.230.94.213	14618 (AMAZON-AES) (AMAZON-AES)
1 6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	54.88.65.136 54.88.65.136	14618 (AMAZON-AES) (AMAZON-AES)
1	34.195.203.63 34.195.203.63	14618 (AMAZON-AES) (AMAZON-AES)
5	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.232.216.152 18.232.216.152	14618 (AMAZON-AES) (AMAZON-AES)
21	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	143.204.101.98 143.204.101.98	16509 (AMAZON-02) (AMAZON-02)
8	52.211.64.143 52.211.64.143	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:224... 2600:9000:224a:3a00:8:2b19:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.217.44.100 52.217.44.100	16509 (AMAZON-02) (AMAZON-02)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
2	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400e:80d::2006	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:3400:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:2a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.107.203.234 34.107.203.234	15169 (GOOGLE) (GOOGLE)
4	2600:9000:215... 2600:9000:2156:1600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
17	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
219	63

2 2606:2c40::c73c:67fe (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.feedzai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-6.fra50.r.cloudfront.net

www.americanbanker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.248.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-35.dus51.r.cloudfront.net

arizent.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-25.fra50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:bf95 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.113.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-113-122.lhr61.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f006:21:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.201.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-201-131.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.51 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.189.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-189-28.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-222.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:a800:e:ec66:e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:fb:5a0::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.245.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-245-59.dus51.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.230.94.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-94-213.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.65.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-65-136.compute-1.amazonaws.com

api.zetaglobal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.203.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-203-63.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f106:83:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.216.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-216-152.compute-1.amazonaws.com

pixel.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.101.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-98.fra50.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.211.64.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:3a00:8:2b19:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.newsletters.arizent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.44.100 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

source-media-brightspot-lower.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400e:80d::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3400:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d20519brkbo4nz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:1600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3092 pixel.adsafeprotected.com — Cisco Umbrella Rank: 521 static.adsafeprotected.com — Cisco Umbrella Rank: 500 dt.adsafeprotected.com — Cisco Umbrella Rank: 458	203 KB
25	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 6242 cdn.tinypass.com — Cisco Umbrella Rank: 4116 buy.tinypass.com — Cisco Umbrella Rank: 3573 id.tinypass.com — Cisco Umbrella Rank: 12140	646 KB
21	googlesyndication.com cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	156 KB
17	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	169 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	182 KB
10	gstatic.com fonts.gstatic.com	229 KB
8	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d10lpsik1i8c69.cloudfront.net d20519brkbo4nz.cloudfront.net	106 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	2 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4226 p1cluster.cxense.com — Cisco Umbrella Rank: 6281 comcluster.cxense.com — Cisco Umbrella Rank: 3989 id.cxense.com — Cisco Umbrella Rank: 7754	52 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 secure.adnxs.com — Cisco Umbrella Rank: 359	7 KB
6	brightspotcdn.com arizent.brightspotcdn.com — Cisco Umbrella Rank: 105565	1 MB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	820 B
5	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
5	keywee.co 1 redirects cdn.keywee.co — Cisco Umbrella Rank: 6197 pixel.keywee.co — Cisco Umbrella Rank: 4990	35 KB
5	adform.net 2 redirects a2.adform.net — Cisco Umbrella Rank: 5998 s2.adform.net — Cisco Umbrella Rank: 4901	33 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35	33 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 434 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 5153	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
4	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 20600 a.dpmsrv.com — Cisco Umbrella Rank: 17705	41 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	195 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	134 KB
3	arizent.com images.newsletters.arizent.com — Cisco Umbrella Rank: 144523	26 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 338	12 KB
3	boomtrain.com cdn.boomtrain.com — Cisco Umbrella Rank: 4552 people.api.boomtrain.com — Cisco Umbrella Rank: 5003 events.api.boomtrain.com — Cisco Umbrella Rank: 14645	26 KB
2	luckyorange.com settings.luckyorange.com — Cisco Umbrella Rank: 21131	181 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 839 pixel.quantserve.com — Cisco Umbrella Rank: 381	10 KB
2	amazonaws.com source-media-brightspot-lower.s3.amazonaws.com — Cisco Umbrella Rank: 496148	3 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2441 p1.parsely.com — Cisco Umbrella Rank: 1953	26 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1299	13 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	16 KB
2	feedzai.com 1 redirects info.feedzai.com	4 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 792	1 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 281	66 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 6766	2 KB
1	piano.io c2.piano.io — Cisco Umbrella Rank: 3563	9 KB
1	zetaglobal.net api.zetaglobal.net — Cisco Umbrella Rank: 5493	939 B
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 4178	395 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 799	3 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 3944	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	100 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1238	556 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 821	7 KB
1	americanbanker.com www.americanbanker.com — Cisco Umbrella Rank: 250517	78 KB
219	43

	Domain	Requested by
22	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
17	dt.adsafeprotected.com	www.americanbanker.com
11	s0.2mdn.net	securepubads.g.doubleclick.net cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com s0.2mdn.net
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net info.feedzai.com cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.americanbanker.com www.googletagservices.com
10	fonts.gstatic.com	fonts.googleapis.com
9	tpc.googlesyndication.com	info.feedzai.com securepubads.g.doubleclick.net tpc.googlesyndication.com cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
8	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.americanbanker.com
6	d10lpsik1i8c69.cloudfront.net	info.feedzai.com d10lpsik1i8c69.cloudfront.net
6	www.google.com	1 redirects www.americanbanker.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	arizent.brightspotcdn.com	www.americanbanker.com
5	www.facebook.com	www.americanbanker.com
4	static.adsafeprotected.com	pixel.adsafeprotected.com www.americanbanker.com
4	www.google.de	www.americanbanker.com
4	ib.adnxs.com	2 redirects a2.adform.net www.americanbanker.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.americanbanker.com
4	cdn.keywee.co	1 redirects www.americanbanker.com cdn.keywee.co
4	a2.adform.net	2 redirects www.americanbanker.com a2.adform.net
4	connect.facebook.net	www.americanbanker.com connect.facebook.net info.feedzai.com
4	fonts.googleapis.com	www.americanbanker.com buy.tinypass.com
4	www.googletagservices.com	www.americanbanker.com securepubads.g.doubleclick.net cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
3	images.newsletters.arizent.com	buy.tinypass.com
3	a.dpmsrv.com	www.americanbanker.com s.dpmsrv.com
3	bat.bing.com	info.feedzai.com bat.bing.com www.americanbanker.com
2	settings.luckyorange.com	d20519brkbo4nz.cloudfront.net
2	secure.adnxs.com	a2.adform.net www.americanbanker.com
2	cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	source-media-brightspot-lower.s3.amazonaws.com	buy.tinypass.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	ml314.com	info.feedzai.com ml314.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	info.feedzai.com	1 redirects
1	pixel.quantserve.com	a2.adform.net
1	id.cxense.com	cdn.cxense.com
1	rules.quantcount.com	secure.quantserve.com
1	comcluster.cxense.com	cdn.cxense.com
1	d20519brkbo4nz.cloudfront.net	d10lpsik1i8c69.cloudfront.net
1	googleads4.g.doubleclick.net	info.feedzai.com
1	secure.quantserve.com	a2.adform.net
1	p1cluster.cxense.com	cdn.cxense.com
1	idsync.rlcdn.com	www.americanbanker.com
1	cm.g.doubleclick.net	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	pixel.keywee.co	www.americanbanker.com
1	c2.piano.io	cdn.tinypass.com
1	p1.parsely.com	www.americanbanker.com
1	events.api.boomtrain.com	cdn.boomtrain.com
1	api.zetaglobal.net	cdn.boomtrain.com
1	id.tinypass.com	cdn.tinypass.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	px4.ads.linkedin.com	www.americanbanker.com
1	www.linkedin.com	1 redirects
1	s.dpmsrv.com	info.feedzai.com
1	vjs.zencdn.net	info.feedzai.com
1	d1z2jf7jlzjs58.cloudfront.net	info.feedzai.com
1	s2.adform.net	www.americanbanker.com
1	snap.licdn.com	www.googletagmanager.com
1	people.api.boomtrain.com	cdn.boomtrain.com
1	cdn.tinypass.com	experience.tinypass.com
1	experience.tinypass.com	www.americanbanker.com
1	cdn.boomtrain.com	www.americanbanker.com
1	www.npttech.com	www.americanbanker.com
1	www.googletagmanager.com	www.americanbanker.com
1	ajax.googleapis.com	www.americanbanker.com
1	cdn.adsafeprotected.com	www.americanbanker.com
1	polyfill.io	www.americanbanker.com
1	unpkg.com	www.americanbanker.com
1	www.americanbanker.com	info.feedzai.com
219	73

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
info.wrightsmedia.com
news.google.com
news.apple.com
www.arizent.com

Subject Issuer	Validity	Valid
info.feedzai.com Cloudflare Inc ECC CA-3	`2021-06-20` - `2022-06-19`	a year	crt.sh
*.accountingtechnology.com Amazon	`2022-02-21` - `2023-03-22`	a year	crt.sh
*.sourcemedia.com Amazon	`2022-03-16` - `2023-04-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdn.boomtrain.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-24` - `2022-03-24`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.api.boomtrain.com Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.dpmsrv.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.anyword.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
app.zetaglobal.net Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
pixel.keywee.co Sectigo ECC Domain Validation Secure Server CA	`2022-02-01` - `2023-03-03`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
view.newsletters.arizent.com GeoTrust RSA CA 2018	`2022-01-06` - `2023-01-06`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
settings.luckyorange.com R3	`2022-03-05` - `2022-06-03`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Frame ID: 8A5B47064696BD72FF3A640F39182B85
Requests: 128 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTMYWL61R4SU&templateVariantId=OTVL8YQFRN20O&offerId=fakeOfferId&experienceId=EX1EAFJ3ZC4Z&iframeId=offer_da42fa59356a9144bc04-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
Frame ID: 3FA041A934237B5070E49F30D76F7AF3
Requests: 10 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT2ZKYIM82SF&offerId=fakeOfferId&experienceId=EXUG74XED9ZN&iframeId=offer_6d6f23005f39a439ca3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
Frame ID: 3D4B2D6A23C28E846EC43E70A05DA0E8
Requests: 9 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
Frame ID: 896E074563A2EA407FE184C07C159DC5
Requests: 13 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: EFFBA0C0A84D891CDCFBECFEB93D123F
Requests: 4 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19&rnd=1573719260&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fnews%2ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot
Frame ID: 34844648A06B9500566A866463A4A4E7
Requests: 6 HTTP requests in this frame

Frame: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9CE078056E8D73AB437AB30C29AB2262
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C15B1B8601872060E2A02448192BCD6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQuV0frImWe9BKatIgB41lMGpQ3BQ0PeekLU3nyZa9bF6U_KXaUvqYGnRUda-tbYl6SHniIQHNKeG_33n4Ug2vferyw1XSsDPga4ZyEFghSiwUjZ0MHyLVvVUikj0cof_Kqo42zDdivEe0zYdGUcPlWzb3o_W_BI8rl5SHQkp4s2HleqSbD_kyfNdKk2OfEGfmDdyZJpFtdKWBrUoIhO2LCSjqjukR2WAlRWE9e5ggl7IOViiSvcMXM9K_CLgkwvHeRMRmOU0N1aQd8jzl42DOBXPzsrzHWTrEZ7yxhP3zAJNFLPlrroujtltc4Jde1ovbOZW3py7bU0J4ABnLNj1qK8v30lQsZLTXm-TJSBGVu4JqovalKkiGksr3ImjyzaIBYZGPJqz23gYXqz4mE_P0y4A&sig=Cg0ArKJSzLQJ6RJIEITFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 30FC310180A5AFF2793351E954846373
Requests: 7 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=ce8f9a1
Frame ID: 42D9EB01361DB924AACF6DB07C17DBFD
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuywwI1pEDicC7nB_qmQGFYJpeyB7w2BVTRy7k4FUQJ6BGT2hOAq_BSUeDg880LQFrxUvtH-Alf97R6hQo4jujZ0AQFjuZLrkWXjDzZui3-inMT-qR0BbwsfoIZYf3YTDBtYBWACrbf0lhQlSSxL74JFxax2_UMakPAXlI9A-_QWmEUlsfEJ7Sq5v0JOzo7Im3teCYepPZAHTeodxjE2h2qid84uBi-kG0ZFwHxOdgeKFW698Ztx4a4psNczInLZP3SzswqxJ0PJhEEGWoUaCWgLjqDvS61JU6xHCxdEESPZDMTabGse7Gig130E_TID5tFZxHnh-7vszF6exvO&sig=Cg0ArKJSzH0B9YzaHd72EAE&uach_m=[UACH]&adurl=
Frame ID: B1F31C6CF19CBBDDECD018E960CBE459
Requests: 8 HTTP requests in this frame

Frame: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FA74731B1E6B01D40B52EF70C931C63
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=11046&campId=970x250&pubId=80481493&chanId=93394093&placementId=5892011455&pubCreative=138379340884&pubOrder=2970374088&cb=670559346&custom=collapsed_header1&adsafe_par&impId=200bbe69-a5a5-11ec-8a73-0231bf2059f1&custom2=2022%20Newsletter&custom3=hs_email_email
Frame ID: 2ED768AF7C278F581580F8C3756D2331
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=5090446010&chanId=93394093&placementId=5892857402&pubCreative=138382361375&pubOrder=2970457083&cb=2142491812&custom=bigbox1&adsafe_par&impId=201cfc23-a5a5-11ec-8d25-06d8cca89c2a&custom2=2022%20Newsletter&custom3=hs_email_email
Frame ID: B47FE76DA4776702A81956E136568A51
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A4F48FF9F8258FACF185E4C2F3922B1A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
Frame ID: A5242C64BC31FFFE59F08826A3B17D33
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A8AA61D9577E0A59373EAB06090D7826
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 39BA0F3B762587DD5E0ECB141C4E5A1F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 978A90CEC1D3D548E6B04BF2C8D1F797
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 378885586049259FCEF525AEABBA6351
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fraudsters prey on bank customers returning to tourist hot spots | American BankerAuthor

Page URL History Show full URLs

https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-... Page URL
https://info.feedzai.com/events/public/v1/encoded/track/tc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5... HTTP 307
https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_ca... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

219
Requests

95 %
HTTPS

55 %
IPv6

43
Domains

73
Subdomains

63
IPs

6
Countries

4046 kB
Transfer

13342 kB
Size

67
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/amerbanker
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanBanker
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-banker/
Title: linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/PaymentsDave
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/daveheun
Title: linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots&text=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots&mini=true&title=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots&summary=Account%20takeovers%20and%20ATM%20skimming%20are%20rampant%20in%20cities%20like%20Las%20Vegas%20and%20New%20York.%20Meanwhile%2C%20scammers%20are%20targeting%20travelers%20as%20they%20attempt%20to%20pay%20airlines%2C%20cruise%20ships%2C%20car%20rental%20companies%20and%20hotels.&source=American%20Banker
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/arizent-licensing-and-reprints
Title: Reprint

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAiEHM5mkGRpz_D4FnrJRAmDuIqFAgKIhBzOZpBkac_w-BZ6yUQJg7i?oc=3&ceid=US:en
Title: googlenews

Search URL Search Domain Scan URL

URL: https://news.apple.com/TJ5D7XbBzSDGlfh0N7DWvTw
Title: applenews

Search URL Search Domain Scan URL

URL: https://www.arizent.com/privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.arizent.com/news/arizent-subscription-agreement
Title: Subscription Agreement

Search URL Search Domain Scan URL

URL: https://www.arizent.com/media-kit
Title: Advertising/Marketing Services

Search URL Search Domain Scan URL

URL: https://www.arizent.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1 Page URL
https://info.feedzai.com/events/public/v1/encoded/track/tc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1?_ud=20811bc5-eb77-478a-b685-f44fa70bc3f5&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 37

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

Request Chain 44

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1647488915272&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3F_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_campaign%3D2022%2520Newsletter%26utm_content%3D189424896%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D189424896 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D674964%26time%3D1647488915272%26url%3Dhttps%253A%252F%252Fwww.americanbanker.com%252Fnews%252Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%253F_hsenc%253Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%2526utm_campaign%253D2022%252520Newsletter%2526utm_content%253D189424896%2526utm_source%253Dhs_email%2526utm_medium%253Demail%2526_hsmi%253D189424896%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1647488915272&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3F_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_campaign%3D2022%2520Newsletter%26utm_content%3D189424896%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D189424896&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1647488915272&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3F_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_campaign%3D2022%2520Newsletter%26utm_content%3D189424896%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D189424896&liSync=true&e_ipv6=AQIIjCM6trSl-wAAAX-V_dxk2jGYSqsWKCqeuYRe1X4OKrtL-SL-Fia6X0ysH-TGBXN1KX5Jug

Request Chain 51

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D342%26pixelIndex%3D0%26r%3D100205%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.americanbanker.com%252Fnews%252Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%253Futm_campaign%253D2022%252520Newsletter%2526utm_medium%253Demail%2526_hsmi%253D189424896%2526_hsenc%253Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%2526utm_content%253D189424896%2526utm_source%253Dhs_email&_=1647488915351 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D342%2526pixelIndex%253D0%2526r%253D100205%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.americanbanker.com%25252Fnews%25252Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%25253Futm_campaign%25253D2022%25252520Newsletter%252526utm_medium%25253Demail%252526_hsmi%25253D189424896%252526_hsenc%25253Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%252526utm_content%25253D189424896%252526utm_source%25253Dhs_email%26_%3D1647488915351 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=7167388295226932863&q=xImp&v=1.x&cl=342&pixelIndex=0&r=100205&tzOffset=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&_=1647488915351

Request Chain 55

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011464113/?random=1996021443&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&auid=162771521.1647488915&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=k68yYr-DOI2PgQeMkLL4Cw&sscte=1&crd=CNPgGw&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuowBc_r3R1Az15WUnTZXzY0rbiluKeZws4A HTTP 302
https://www.google.com/pagead/1p-conversion/1011464113/?random=1996021443&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&auid=162771521.1647488915&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=k68yYr-DOI2PgQeMkLL4Cw&cid=CAQSKQCNIrLMwb_afzWvgMNRoAxcr75A3uRNdcUm4hPsqjHCgZEO_ajKvuKe&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuo9wnYj_D36wHS-183UBqHJtacjI3-D8p7w&random=1460723723&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1011464113/?random=1996021443&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&auid=162771521.1647488915&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=k68yYr-DOI2PgQeMkLL4Cw&cid=CAQSKQCNIrLMwb_afzWvgMNRoAxcr75A3uRNdcUm4hPsqjHCgZEO_ajKvuKe&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuo9wnYj_D36wHS-183UBqHJtacjI3-D8p7w&random=1460723723&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 76

https://a2.adform.net/Serving/TrackPoint/?pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=464906146316&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19&loc=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=464906146316&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19&loc=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7167388295226932863&pixelIndex=0&_=1647488915352 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7167388295226932863&pixelIndex=0&_=1647488915352&google_gid=CAESEN2bFmo8iXNIYYI4Qr_Di3s&google_cver=1

219 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl...
info.feedzai.com/e3t/Btc/T3+113/c1-l604/ 10 KB
3 KB 180ms
145ms Document
text/html 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 17 Mar 2022 03:48:34 GMT
content-type: text/html;charset=utf-8
cf-ray: 6ed2c0f18dca23af-ZRH
last-modified: Thu, 17 Mar 2022 03:48:34 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 8faba74a-dd3a-4627-a20b-0332ef4ae0bd
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3Cn%2BfKu1HwD52SPThhPsI44kh51ogTEigpQPKaHLdTLFI%2FSHNjskRpVb0VZlDtfFNdgtieMHST%2BQhrb2M1RXVEM9IMsWmmjHCXo2HSpVO9onevaYBYXihnB%2BWBVBzlfQ6RaEoY3Fdedl6H%2F8VQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

Primary Request fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots Show response
www.americanbanker.com/news/
Redirect Chain

https://info.feedzai.com/events/public/v1/encoded/track/tc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24F...
https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGy...

309 KB
78 KB

425ms
317ms

Document
text/html

143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Requested by: Host: info.feedzai.com
URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-6.fra50.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: b11fd0fc6d03ed65bcaed58a5cd4fd69aa6ab56e5133574b9fcc88ec9baaa8ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=120
Content-Encoding: gzip
Date: Thu, 17 Mar 2022 03:48:34 GMT
Server: N/A
X-Powered-By: Brightspot
X-Robots-Tag: nofollow
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: ZxRzGwqObDgkVq8pdBCDhqQfobZKuTQFa90YhvkpgjAhHYIrBA9R7w==

Redirect headers

date: Thu, 17 Mar 2022 03:48:34 GMT
location: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
cf-ray: 6ed2c0f2be4023af-ZRH
link: <https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 4f344be8-9c96-4d7d-a72c-a1625b17c48e
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DJ%2F9wli59owlfNbRjv%2F3mnpvX7pQPzjXzr5NxSVKohhZ30ch5wgmH22InxRo5m6iJiq3uGFSnOR%2Bu3vBKJrBn8rBpUAl1yLPgdWuKMspubiaEzCERC8mBPYhjYJ1CPXfmaRPb1JHpJv6sIBDxA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK All.min.96c4aa53482f97f80a1ca5e79590efbe.gz.css
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/ 624 KB
82 KB 58ms
11ms Stylesheet
text/css 18.66.248.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/All.min.96c4aa53482f97f80a1ca5e79590efbe.gz.css
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-35.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7640e8d43665a07616ae1b3671ed16186ce3239c56776a5409673ceb955cb1b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 15:19:58 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 15 Mar 2022 15:13:21 GMT
Server: AmazonS3
Age: 131318
ETag: "57d39ed562535422c17fe196dba44649"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 83107
X-Amz-Cf-Id: Vnb6cg10ukuIJM9sWHqdp6mLKSp7u5lpqWSEsgm9FZTcs5SxHEbHHw==

GET
H2 200 runtime.js Show response
unpkg.com/regenerator-runtime@0.13.1/ 23 KB
7 KB 53ms
22ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/regenerator-runtime@0.13.1/runtime.js

Requested by

Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f792fe255fbfcd352fe4b2f759c95980e57d8d297939e12262d9be1e87f48c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27989635
fly-request-id: 01F48TVPWQCAW570RMW4G85P9M
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"5b05-y9GmlKf9QAx3EInfgjTVmKGWlRQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ed2c0f6ca170219-ZRH

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
556 B 56ms
16ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Document%2CPromise%2CPromise.prototype.finally%2CObject.getOwnPropertyNames%2CObject.getOwnPropertySymbols%2Ces6%2Ces2015%2Ces2016%2Ces2017%2Ces2018%2Ces2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 275920
detected-user-agent: Chrome Mobile/99.0.4844
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Sun, 13 Mar 2022 23:08:02 GMT
date: Thu, 17 Mar 2022 03:48:35 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/99.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK All.min.9ee52f2a14e803cdaa3cf3585b91c5df.gz.js Show response
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/ 2 MB
546 KB 23ms
11ms Script
text/javascript 18.66.248.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/All.min.9ee52f2a14e803cdaa3cf3585b91c5df.gz.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-35.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc439afff8beca06ec6cb95d2eb8721fc124eb6767662de5b3f0724bdd4ad8cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 18:42:15 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 22 Feb 2022 18:11:46 GMT
Server: AmazonS3
Age: 1933581
ETag: "bbc826b283fe97a51c8800218a38d16b"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 558840
X-Amz-Cf-Id: wG6V1XhahzS_sEPiBGwCvc-7tZX6EoXF8qZIZ1bLYbBotLNxMf9YNA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40d8d1f1b34cecad6116b978e438510ed516cdd8a694b97c7125fa2469b07b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27827
x-xss-protection: 0
server: sffe
etag: "1160 / 648 of 1000 / last-modified: 1647468510"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Mar 2022 03:48:35 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 81ms
26ms Script
application/javascript 143.204.98.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 13:01:32 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 398824
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: wX7siGj92b6spDA4dvURAquyDnfTAhFL7sijIj1weFLNRjOr5QNJVw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 20:44:08 GMT

GET
H/1.1 200
OK brand-american-banker-black.svg
arizent.brightspotcdn.com/16/d8/797fc38443bb83caf649880b26cd/ 4 KB
5 KB 12ms
10ms Image
image/svg+xml 18.66.248.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/16/d8/797fc38443bb83caf649880b26cd/brand-american-banker-black.svg
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-35.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56b9d2d2849305918fe661cce7bdb8dcdbc83bb18c170884e625d2b2dd417210

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 15:12:01 GMT
Via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 30 Jul 2020 22:13:05 GMT
Server: AmazonS3
Age: 12746195
ETag: "63fa0ed0a7fecbb154f75e59955f7528"
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 4520
X-Amz-Cf-Id: S_6KaRQucTzUze17YUl9X74Tiam7MZvb6XMSfGsL2gi3lYuApiDTCg==

GET
H/1.1 200
OK /
arizent.brightspotcdn.com/dims4/default/caf08c0/2147483647/strip/true/crop/4200x2799+0+0/resize/840x560!/quality/90/ 115 KB
115 KB 23ms
20ms Image
image/jpeg 18.66.248.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/dims4/default/caf08c0/2147483647/strip/true/crop/4200x2799+0+0/resize/840x560!/quality/90/?url=https%3A%2F%2Fsource-media-brightspot.s3.amazonaws.com%2F0c%2F6d%2Fc5320997427da374e53de60a8603%2F371455154.jpg
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-35.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: be7ea855987b00a3adce44f4d01951955cb595901d2db95018048aeeb519f7b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:07:07 GMT
Via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 2488
ETag: e5de11ca087059d07a8161819c583905
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: DUS51-P1
X-Robots-Tag: nofollow
Content-Length: 117476
X-Amz-Cf-Id: ZFdzJDBYHnda2oBB-dziCtLkd5VuYw-UciE1YxbVwtx2J9qer2cwyw==
Expires: Fri, 17 Mar 2023 03:07:07 GMT

GET
H/1.1 200
OK /
arizent.brightspotcdn.com/dims4/default/89f393a/2147483647/strip/true/crop/1000x165+0+0/resize/727x120!/quality/90/ 12 KB
12 KB 32ms
16ms Image
image/png 18.66.248.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizent.brightspotcdn.com/dims4/default/89f393a/2147483647/strip/true/crop/1000x165+0+0/resize/727x120!/quality/90/?url=https%3A%2F%2Fsource-media-brightspot.s3.amazonaws.com%2F01%2F05%2F6f8ad49b408398d634628e2d653f%2Farizent-logo.png
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-35.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 6b377a566b9e8e639823a036e09dc56ec5b21a967ec6cdfd8cf1cd6758975e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 03:18:47 GMT
Via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 3457788
ETag: e1afff1a21c8b5289e1f92ff04f9f84c
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: DUS51-P1
X-Robots-Tag: nofollow
Content-Length: 12233
X-Amz-Cf-Id: fLCUmN2PegvdXxJ4oh1jlbOKEpdnsogY3Qs3ze5PNIbSYUfHM1N_-g==
Expires: Sun, 05 Feb 2023 03:18:47 GMT

GET
H/1.1 200
OK jshint_2.13.0.279c236b75a5da43567e97cec91dd6db.gz.js Show response
arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/jshint/ 1 MB
307 KB 50ms
17ms Script
text/javascript 18.66.248.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arizent.brightspotcdn.com/resource/00000174-26a2-d19a-ad7c-2eebcf9a0000/styleguide/jshint/jshint_2.13.0.279c236b75a5da43567e97cec91dd6db.gz.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-35.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d5f7ed178594d09e25e87cba0e328167a6e48d2508b4a4898ee7f05c21c0a69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 03:07:07 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 14 Jul 2021 19:09:21 GMT
Server: AmazonS3
Age: 3458489
ETag: "b76103b4c850ad47f75d962f6a4ce99a"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 313784
X-Amz-Cf-Id: HSfdJ2Q2h-dRWRvYIRlUVOVUECMwZUmvtgbpSdUGSDnPEHcfpH1XJQ==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

441e0467656e99238bd0547e5bdaac626664183d1f53903117e83dbfb2a45a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.americanbanker.com/
Origin: https://www.americanbanker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 02:59:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 03:48:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 03:48:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 480 KB
100 KB 126ms
96ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea3905ee7d8e4261f58b6096d97b2d9fa4f89221e076ed0b7ce73a5e83d98490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102226
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 03:48:35 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 94ms
29ms Script
application/javascript 2606:4700:3032::ac43:bf95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 44JNMB61M3NVDQKK
x-amz-id-2: n9/fJYyUwQqyGHt94QiuaMjG/+keiOaV3UAEUov0/Y2PlXPsklPLoQdY/zJ1LA3yK3lbD8pg5mI=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZH%2Bpjz9QulFJhQ4HCic%2FQZcqtadMwGDWj4NDTwWW5C%2Bzpgio9JJQZiA4QZaMT5PzO3viSjWupUBjZET8ud7JKZZKlsNTIeOG6PdTo1UKXpIXOLHWnTYdR4E2C3Lr8ziWSfLOm%2FZ7cCC23es3Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6ed2c0f7ddc55a19-MXP

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/sourcemedia-prod/ 77 KB
25 KB 107ms
28ms Script
application/javascript 99.86.113.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.113.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-113-122.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9117852bb64ba272123bad5259c90fe34447a8faf1eec13c115774b449c86022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: oF4Q2CMUho0S9hHXEmpxzlVKyT4jBLYq
Content-Encoding: gzip
ETag: W/"602f77062a5a5bc93d686afc4ca4f11e"
Age: 540
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 15 Mar 2022 06:32:39 GMT
Server: AmazonS3
Date: Thu, 17 Mar 2022 03:39:36 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 148ba19bb0d8ba215fbd724d3e587316.cloudfront.net (CloudFront)
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: rFRZQAjR7BnZ713N_B1Y7P3_yNwjksq9XeIPYoIb1WNs0jK2N3xe9w==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 71ms
26ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8c71e5a3ee2f64d7d09ab80360faf8e4f0056f869fb62d42cfd59a04b0c1285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dqOGSlo4hg2XOhOiE05fFQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 17 Mar 2022 04:02:16 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 5z67GOIw50iWOad98Ts7XdEsqwPkq1Ii4vJkJD/U6OfIrAQc3XJQudqMioQrQFyahg7KoqbjcmVzinilu5kPIA==
x-fb-trip-id: 1709462857
x-fb-content-md5: af8cb76d8dffb9c66c6640163cfbac3e
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 17 Mar 2022 03:48:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ed349925761856f76650856ee5e9c9ed"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 5 KB
2 KB 94ms
23ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=XUnXNMUrFF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e93d58299bbec64669d53c70f172936cb995c8ef3f168847e2636614db4ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 3229
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Ca3cv8rxfmH
wn: prod-exp-10-0-112-65
last-modified: Thu, 17 Mar 2022 02:54:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6ed2c0f7eb98cc62-ZRH
expires: Thu, 17 Mar 2022 04:18:35 GMT

GET
H2 200 pubads_impl_2022031001.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 50ms
9ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

50ef77c247263fdc6e0308a69334a3064176a1f4803e90eb0b45370231044fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125087
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 09:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Mar 2023 16:53:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 106 B
726 B 52ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.americanbanker.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

79baec8122da15d50dadf74e665e73e22592990e0241f5ebcc6e1210f468597f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Thu, 17 Mar 2022 03:48:35 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.americanbanker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 29885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
22 KB 45ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.americanbanker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 29885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 43ms
22ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.americanbanker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 29884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 37ms
24ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.americanbanker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:34:14 GMT
x-content-type-options: nosniff
age: 29661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:34:14 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 280 KB
80 KB 29ms
13ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b646b6324988151b95147e24c3cfcaf4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0171cba4fe8f5f665e3b19043b7ea21190a1a815f12ef09e3eec273bb099f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.americanbanker.com/
Origin: https://www.americanbanker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HfkzTjM+WJTOWFYEn08hiA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 17 Mar 2023 02:03:22 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81454
x-fb-rlafr: 0
x-fb-debug: mDNZGXB+TnIyyYU9DxIukD+2nasyxXU6+t+r+TNp/jlqG7xXv4aO6ajggp/So0oWa6fmZMO8TZm3pwczZ/DtDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 70f5c9584c0ef1bd2aa83e044b043b18
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 03:48:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0ef2cc95013d8485ff32675b350fd562"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 275 KB
80 KB 41ms
31ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=XUnXNMUrFF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 75238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: GVJ6A7NY115TQ5KV
x-amz-id-2: UD7kUeZ8OH/UZvJYvMIVzK5MGJWT2pePSFeU6/YDNOEZ6udH4V3LsVd4sPGHn2+gPmmlJXmJPQg=
last-modified: Mon, 28 Feb 2022 15:07:54 GMT
server: cloudflare
etag: W/"d766e4371da10c3c8ec5fecc88497ef7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6ed2c0faac66cc62-ZRH
expires: Thu, 17 Mar 2022 07:48:35 GMT

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 150 B
465 B 405ms
102ms XHR
application/json 52.45.201.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6e319&site_id=sourcemedia-prod
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.201.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-201-131.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 953219844164f5895a1095838eb475aea814baec518f2c7827e9b6551963275f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:35 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 150

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 29ms
28ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14889
x-xss-protection: 0
server: cafe
etag: 11178597599353190569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:48:35 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 53ms
20ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Mar 2022 20:16:02 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=76752
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3073

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
29 KB

184ms
39ms

Script
application/x-javascript

37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Thu, 17 Mar 2022 03:48:36 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 31 KB
13 KB 140ms
30ms Script
application/javascript 52.31.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?172
Requested by: Host: info.feedzai.com
URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.189.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-189-28.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cd5489dc88fd8e9e9ea9cacf8077f8b20446d10fab97186491fe62079051a10d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:35 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
transfer-encoding: chunked
Connection: keep-alive

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 30ms
14ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: info.feedzai.com
URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: IlSop89tujgh8pZ2ek0vS3mVyRsOujWkFflJIUrbTE75eT4l5SeK1dLglCICLDJTo82e2W6L3ZtI3+ivkBuZDw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 03:48:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 56ms
10ms Script
application/javascript 143.204.101.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: info.feedzai.com
URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-222.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:34:00 GMT
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Age: 875
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: hDAAJt0aK0-z1HzqrpNSTa0C0mkJ14vHLSfRfpJ5c95HD6YADF7OcA==
Expires: Fri, 18 Mar 2022 03:34:00 GMT

GET
H2 200 video.js Show response
vjs.zencdn.net/7.6.5/ 2 MB
395 KB 61ms
17ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.6.5/video.js
Requested by: Host: info.feedzai.com
URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 59a717e69bec72ad009181785a1a65b674d1c01e77e04bdc718deb02a9b97671

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:08:10 GMT
etag: "6ad9f2485086f3f4265513b2a6599cf1"
x-served-by: cache-mxp6922-MXP
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 404443
x-cache-hits: 1

GET
H/1.1 200
OK dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js Show response
s.dpmsrv.com/ 112 KB
38 KB 92ms
15ms Script
application/x-javascript 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js
Requested by: Host: info.feedzai.com
URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5e1876373576f4110b6ad82c25041aa2e9762cc4a417939eeb20e654818a818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 02:51:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 May 2020 20:46:58 GMT
Server: AmazonS3
Age: 3598
ETag: "b10698ccacbd3420aaa5389feaa6b0f5"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 38693
X-Amz-Cf-Id: JmXi_cIrnsEkAr78tvE9UAmDW8APykkvR6q0c9YPZxq77Su3pccQ9Q==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 54ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: info.feedzai.com
URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 54CEAC9F3CDD42B5A17BB2548E243693 Ref B: FRAEDGE1417 Ref C: 2022-03-17T03:48:35Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11347

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

7ms
7ms

Script
application/javascript

2600:9000:2156:a800:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Server: 2600:9000:2156:a800:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 14:59:57 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
age: 132519
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=259200,public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ByL0ubYFMB4r5vztlTvk2_SWbi6iSITS0vULdQP9TkCgKYVwGDsbGg==

Redirect headers

date: Thu, 17 Mar 2022 03:48:36 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
content-length: 0
x-amz-cf-id: 0ICXTXzpz6m1mMDUseqPYeIPORlTE_-mzhM4bBtNzHHbolzYxN9k-g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 825
date: Thu, 17 Mar 2022 03:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 05:34:50 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
392 B 456ms
444ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0b45543904bae95d15c9d72e7d55eee749a4b32ede7c71bcf9d199ebbcdfeda

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C0lev8rfPie
pragma
wn: prod-dash-10-0-112-160
last-modified: Thu, 17 Mar 2022 03:28:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.002
cache-control: public, max-age=1200
cf-ray: 6ed2c0fc1ceecc62-ZRH
expires: Thu, 17 Mar 2022 04:08:36 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 96ms
20ms Script
application/x-javascript 2a02:26f0:fb:5a0::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5a0::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 15:01:18 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5939
Expires: Thu, 17 Mar 2022 04:48:35 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011464113/ 3 KB
2 KB 63ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011464113/?random=1647488915177&cv=9&fst=1647488915177&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

691d7aff3bbf0c068e9b4a2cd3975efdf0ea041f45d1d2e6621baf91de9970b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1261
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1011464113/ 2 KB
1 KB 62ms
19ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1011464113/?random=1647488915181&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&auid=162771521.1647488915&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f6e27ba5667915fb23851129787e6d6c848f0b1b306d49467050543b157ef8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1471
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1859681287603644 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 84ms
79ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1859681287603644?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7234816209f5ffff423a5ff520c6144d69a2443439607f7ace4ac68b32c65f60

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: +xPnFyXXDAUGxajy8JvHjSrjG+RJ5a4Xh6g6PP6dESS8xUcblVgeRpZ/yRcR3ILU+TdOy2t+CwQy02HLP1ZHWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 03:48:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1647488915272&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3F_hs...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D674964%26time%3D1647488915272%26url%3Dhttps%253A%252F%252Fwww.americanbanker.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1647488915272&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3F_hs...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1647488915272&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3F_h...

0
264 B

230ms
196ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1647488915272&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3F_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_campaign%3D2022%2520Newsletter%26utm_content%3D189424896%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D189424896&liSync=true&e_ipv6=AQIIjCM6trSl-wAAAX-V_dxk2jGYSqsWKCqeuYRe1X4OKrtL-SL-Fia6X0ysH-TGBXN1KX5Jug
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B53ACF59863C4FDBAC74D6A6AC9EAF6E Ref B: FRAEDGE1307 Ref C: 2022-03-17T03:48:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXaYeeoc374poMCMWyj0w==
x-li-fabric: prod-lor1

Redirect headers

date: Thu, 17 Mar 2022 03:48:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 02623222CA2D427E9113610C1B4D77FC Ref B: FRAEDGE0810 Ref C: 2022-03-17T03:48:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=674964&time=1647488915272&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3F_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_campaign%3D2022%2520Newsletter%26utm_content%3D189424896%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D189424896&liSync=true&e_ipv6=AQIIjCM6trSl-wAAAX-V_dxk2jGYSqsWKCqeuYRe1X4OKrtL-SL-Fia6X0ysH-TGBXN1KX5Jug
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXaYeeksogKGui1cBn4uQ==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 23ms
8ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Mar 2022 04:15:10 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/americanbanker.com/ 72 KB
26 KB 60ms
13ms Script
application/javascript 18.66.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/americanbanker.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-245-59.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a66176229882908d4a804b804674b9fcfc534927ffc16fcd75a091f8019723d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 16 Mar 2022 05:57:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 21:52:02 GMT
server: nginx
age: 78661
etag: W/"616f3e02-12086"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: wfW9xyMTAo6uruKtnD71q6xeznfcd-Y7_Dxu5u6bcjwHyQyMVZjX3A==
expires: Thu, 17 Mar 2022 05:57:35 GMT

GET
H2 204 17523647.js Show response
bat.bing.com/p/action/ 0
111 B 156ms
156ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17523647.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 03:48:35 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6AD8064F8F2A4BD0A753292B17AAAFB9 Ref B: FRAEDGE1417 Ref C: 2022-03-17T03:48:35Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17523647&Ver=2&mid=25a5a8ba-3b44-4d40-bd53-8fb21025ccec&sid=1f31b090a5a511eca736357733737091&vid=1f31b5d0a5a511ecbae457a8a2a82027&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&kw=Bank%20technology,Fraud%20detection,AB%20-%20Technology&p=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&r=&lt=766&evt=pageLoad&msclkid=N&sv=1&rn=262199
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 677FC3031AB747BCAD3E503A01CD1F0D Ref B: FRAEDGE1417 Ref C: 2022-03-17T03:48:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 174 B
1 KB 159ms
138ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jsonp2633&client_id=XUnXNMUrFF&site=https%3A%2F%2Fwww.americanbanker.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

355bd6e718bd8ec01295e014ed41981c31243e49815088268a3d0e7d1ae4109c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C0lev8rIcPz
pragma: no-cache
wn: prod-id-10-0-119-239
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.002
cf-ray: 6ed2c0fd4d3fcc62-ZRH
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 193.js Show response
cdn.keywee.co/config/ 233 B
573 B 16ms
6ms Script
application/javascript 2600:9000:2156:a800:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/193.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af049cb9878153af170de62d07701370f22c95c9b652fe4f9fa078ea6d7034d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 02:54:46 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Tue, 28 Sep 2021 13:57:54 GMT
server: AmazonS3
age: 9456
etag: "784cfac3d1e922fd9607eac88a0ff59c"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-length: 233
x-amz-cf-id: 3kaB-MZqgRHbQoCfz4OEyky869g0DdDMDG1QG_jCG0Bk2wtT_BXfUA==

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D342%26pixelIndex%3D0%26r%3D100205%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.americanbanker.c...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D342%2526pixelIndex%253D0%2526r%253D100205%2526tzOffset%25...
https://a.dpmsrv.com/dpmpxl/index.php?id=7167388295226932863&q=xImp&v=1.x&cl=342&pixelIndex=0&r=100205&tzOffset=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers...

255 B
1004 B

427ms
99ms

Script
text/javascript

34.230.94.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=7167388295226932863&q=xImp&v=1.x&cl=342&pixelIndex=0&r=100205&tzOffset=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&_=1647488915351
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Server: 34.230.94.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-94-213.compute-1.amazonaws.com
Software: /
Resource Hash: 8630a941e8f60d5b4a3bb4f1e8dade10d2cc72a37bfdaf8161be225d9d95acdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 225
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:36 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b717003e-8874-4dbb-90df-fc67c343fcb9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=7167388295226932863&q=xImp&v=1.x&cl=342&pixelIndex=0&r=100205&tzOffset=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&_=1647488915351
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 36ms
31ms Script
application/javascript 52.31.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50113&ct=js&pi=&fp=undefined&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&pv=1647488915439_6cpu2d68z&bl=en-us&cb=2744773&return=&ht=&d=&dc=&si=1647488915439_6cpu2d68z&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?172
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.189.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-189-28.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:35 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1011464113/ 42 B
548 B 54ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011464113/?random=1647488915177&cv=9&fst=1647486000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&async=1&fmt=3&is_vtc=1&random=335754942&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1011464113/ 42 B
548 B 61ms
12ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011464113/?random=1647488915177&cv=9&fst=1647486000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&async=1&fmt=3&is_vtc=1&random=335754942&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1011464113/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011464113/?random=1996021443&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&re...
https://www.google.com/pagead/1p-conversion/1011464113/?random=1996021443&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u...
https://www.google.de/pagead/1p-conversion/1011464113/?random=1996021443&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_...

42 B
64 B

24ms
24ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1011464113/?random=1996021443&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&auid=162771521.1647488915&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=k68yYr-DOI2PgQeMkLL4Cw&cid=CAQSKQCNIrLMwb_afzWvgMNRoAxcr75A3uRNdcUm4hPsqjHCgZEO_ajKvuKe&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuo9wnYj_D36wHS-183UBqHJtacjI3-D8p7w&random=1460723723&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1011464113/?random=1996021443&cv=9&fst=1647488915181&num=1&value=0&currency_code=USD&label=_rLSCKPYmOoCELHvpuID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&tiba=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&auid=162771521.1647488915&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=k68yYr-DOI2PgQeMkLL4Cw&cid=CAQSKQCNIrLMwb_afzWvgMNRoAxcr75A3uRNdcUm4hPsqjHCgZEO_ajKvuKe&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuo9wnYj_D36wHS-183UBqHJtacjI3-D8p7w&random=1460723723&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK segments Show response
api.zetaglobal.net/people/P9jfepBKJ2EAFzPcclXjicuSycmSOybWe%2BqRCzRcLIXW03yhD1GQmdKVaU6XcpSqKUexszdorWMcGRCIBXaTMw%3D%3D/ 2 B
939 B 416ms
197ms XHR
application/json 54.88.65.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zetaglobal.net/people/P9jfepBKJ2EAFzPcclXjicuSycmSOybWe%2BqRCzRcLIXW03yhD1GQmdKVaU6XcpSqKUexszdorWMcGRCIBXaTMw%3D%3D/segments?site_id=sourcemedia-prod

Requested by

Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.65.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-65-136.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Request-Id: f83abdbb-de6d-45fd-a0bf-f7714b830e5b
X-Runtime: 0.098954
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"1ba4ae9d8ad011eb810c0b343116d54e"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000;
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Request-Methods: GET
Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept, authorization, x-prototype-version

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 64 KB
22 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:fb:5a0::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5a0::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 13:47:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21887
Expires: Thu, 17 Mar 2022 04:48:36 GMT

GET
BLOB 200
OK ac58f78e-8ab9-4431-b0d7-6cc24fb2c014
https://www.americanbanker.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.americanbanker.com/ac58f78e-8ab9-4431-b0d7-6cc24fb2c014
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
248 B 324ms
102ms XHR
text/plain 34.195.203.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.203.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-203-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.americanbanker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
server: nginx
allow: GET, HEAD, OPTIONS, POST
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
content-length: 2

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 50ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1859681287603644&ev=PageView&dl=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&rl=&if=false&ts=1647488915520&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22541029256690117%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22806187966482914%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1647488915501.1230237876&it=1647488915194&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 17 Mar 2022 03:48:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 49ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?ev=1859681287603644&dl=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&rl=&if=false&ts=1647488915522&sw=1600&sh=1200&v=2.9.57&r=stable&o=28&it=1647488915194&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 17 Mar 2022 03:48:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 68ms
22ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219761-28&cid=89691567.1647488915&jid=510413624&gjid=105279658&_gid=700317624.1647488915&_u=aGBAiEAjBAAAAE~&z=1222103201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 03:48:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 62ms
22ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219761-100&cid=89691567.1647488915&jid=1324055795&gjid=1694660008&_gid=700317624.1647488915&_u=aGDAiEAjBAAAAE~&z=1798240641

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.americanbanker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 03:48:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=92692563&t=pageview&_s=1&dl=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&dp=%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots&ul=en-us&de=UTF-8&dt=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjB~&jid=510413624&gjid=105279658&cid=89691567.1647488915&tid=UA-219761-28&_gid=700317624.1647488915&gtm=2wg3e05DXTZXR&cd1=David%20Heun&cd2=Amazon%20CloudFront&cd5=Gated&cd8=23&cd9=20211022&cd10=Bank%20technology%2CFraud%20detection%2CAB%20-%20Technology&cd12=Bank%20technology&cd14=1162&cd15=Article&cd17=Bank%20technology%2CFraud%20detection%2CAB%20-%20Technology&z=1321772040

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 09:43:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65097
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=92692563&t=pageview&_s=1&dl=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&dp=%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots&ul=en-us&de=UTF-8&dt=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAE~&jid=1324055795&gjid=1694660008&cid=89691567.1647488915&tid=UA-219761-100&_gid=700317624.1647488915&gtm=2wg3e05DXTZXR&cd1=David%20Heun&cd2=Amazon%20CloudFront&cd5=Gated&cd8=23&cd9=20211022&cd10=Bank%20technology%2CFraud%20detection%2CAB%20-%20Technology&cd12=Bank%20technology&cd14=1162&cd15=Article&cd17=Bank%20technology%2CFraud%20detection%2CAB%20-%20Technology&z=1161516493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 09:43:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65097
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 412ms
97ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1647488915581&plid=98210577&idsite=americanbanker.com&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22undefined%22%7D&sid=1&surl=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&sref=&sts=1647488915561&slts=0&title=Fraudsters+prey+on+bank+customers+returning+to+tourist+hot+spots+%7C+American+Banker&date=Thu+Mar+17+2022+03%3A48%3A35+GMT%2B0000+(GMT)&action=pageview&pvid=28214943&u=pid%3D4e6ac8c87b0a7746e82f86b3f19ff82c
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:36 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 17-Mar-2022 03:48:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 sp-2.9.1.js Show response
cdn.keywee.co/dist/ 75 KB
26 KB 13ms
8ms Script
application/x-javascript 2600:9000:2156:a800:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:37 GMT
content-encoding: gzip
last-modified: Sun, 14 Oct 2018 12:37:03 GMT
server: AmazonS3
age: 4933980
etag: W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tYOnd4NBxgclKSxeGMXk3Ic-CJcFvSaci6iTjaGMv1uhGvHL2lVYbg==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 30ms
15ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1859681287603644&ev=KWCEPV&dl=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&rl=&if=false&ts=1647488915610&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647488915501.1230237876&it=1647488915194&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 03:48:36 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 28ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1859681287603644&ev=PageView&dl=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&rl=&if=false&ts=1647488915612&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&par[0]=%7B%22extractorID%22%3A%22541029256690117%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22806187966482914%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1647488915501.1230237876&it=1647488915194&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 03:48:36 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 50 KB
9 KB 200ms
164ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e575afbd2dc9bf0aeeec790bb06050768203e6fc20901973b61abf33aa05586b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.americanbanker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: dsqugfnzvs
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6ed2c0ff2a4501db-ZRH

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-219761-28&cid=89691567.1647488915&jid=510413624&_u=aGBAiEAjBAAAAE~&z=2145060962

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-219761-28&cid=89691567.1647488915&jid=510413624&_u=aGBAiEAjBAAAAE~&z=2145060962

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 28ms
27ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-219761-100&cid=89691567.1647488915&jid=1324055795&_u=aGDAiEAjBAAAAE~&z=1787838921

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-219761-100&cid=89691567.1647488915&jid=1324055795&_u=aGDAiEAjBAAAAE~&z=1787838921

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
pixel.keywee.co/ 43 B
295 B 336ms
108ms Image
image/gif 18.232.216.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.keywee.co/i?stm=1647488915650&e=pv&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&page=Fraudsters%20prey%20on%20bank%20customers%20returning%20to%20tourist%20hot%20spots%20%7C%20American%20Banker&tv=js-2.9.1&tna=cf&aid=193&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=b077ea13-9056-4f66-b17f-10127f84bf86&dtm=1647488915645&vp=1600x1200&ds=1600x4004&vid=1&sid=562b768f-d3d1-4701-ad9c-a70d3ee93d0e&duid=19756ba6-956f-4785-8b78-c7f244838142&fp=540708920

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.232.216.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-216-152.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

status: 200 OK
date: Thu, 17 Mar 2022 03:48:36 GMT
x-content-type-options: nosniff
server: nginx/1.21.3
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=464906146316&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVk...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=464906146316&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6I...

2 KB
1 KB

91ms
91ms

Script
text/javascript

185.167.164.51
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=464906146316&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19&loc=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot

Requested by

Protocol

Server

185.167.164.51 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

707c15a2d21d4a5049eb2a54e82f591693f5065f678e9776777ca93a59688dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1076
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1662401&ADFPageName=American_Banker%20Universal%20Tag&ADFdivider=%7C&ord=464906146316&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19&loc=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 588 B
811 B 175ms
145ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f05f33d16a204d5c70774e73f2e0310c38c99cc490db5b703762305b75dfbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.americanbanker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C0lev8reFrA
pragma: no-cache
wn: prod-dash-10-0-89-195
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.005
cf-ray: 6ed2c100cd19cc4e-ZRH
expires: 0

GET
H3 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 3FA0 10 KB
4 KB 70ms
41ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTMYWL61R4SU&templateVariantId=OTVL8YQFRN20O&offerId=fakeOfferId&experienceId=EX1EAFJ3ZC4Z&iframeId=offer_da42fa59356a9144bc04-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4850def422236b7120b2f04ac5d30eae7e84c4cea5e2965b2effcd53820696

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=2169
expires: Thu, 17 Mar 2022 04:24:45 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.008
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-122-90
x-forwarded-https: on
x-request-id: C9x7v8r6Yp2
x-xss-protection: 0
cf-cache-status: HIT
age: 8631
last-modified: Thu, 17 Mar 2022 01:24:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ed2c100cc13cc4a-ZRH
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 588 B
806 B 156ms
140ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc787ae67e8df20ee771bbf9757fcfc40a3eda5521792e4b8b83de20192b3aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.americanbanker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C0lev8rT9xL
pragma: no-cache
wn: prod-dash-10-0-116-98
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.003
cf-ray: 6ed2c100bd18cc4e-ZRH
expires: 0

GET
H3 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 3D4B 11 KB
5 KB 49ms
34ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT2ZKYIM82SF&offerId=fakeOfferId&experienceId=EXUG74XED9ZN&iframeId=offer_6d6f23005f39a439ca3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6e1e3ed8b806cc3f64651e7aa288c22a45d0b332e9f985f3f5a4434900b846

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=2168
expires: Thu, 17 Mar 2022 04:24:44 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.003
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-116-98
x-forwarded-https: on
x-request-id: C8x7v8ra5K8
x-xss-protection: 0
cf-cache-status: HIT
age: 8631
last-modified: Thu, 17 Mar 2022 01:24:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ed2c100cc14cc4a-ZRH
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 588 B
847 B 138ms
138ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=XUnXNMUrFF

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81595dfe48cb94f7cfe66001c8d6c37c476a3df59e98f2f58166489d7a0564a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.americanbanker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C0lev8r7hHq
pragma: no-cache
wn: prod-dash-10-0-114-196
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.003
cf-ray: 6ed2c100cd1acc4e-ZRH
expires: 0

GET
H3 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 896E 14 KB
4 KB 29ms
28ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0fcbee3a7a17ed9b3543b7e3329024c4a423cb243e8db6132d26eb3674b15f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=2169
expires: Thu, 17 Mar 2022 04:24:45 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.003
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-131-101
x-forwarded-https: on
x-request-id: C9x7v8rbhoJ
x-xss-protection: 0
cf-cache-status: HIT
age: 8631
last-modified: Thu, 17 Mar 2022 01:24:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ed2c100cc16cc4a-ZRH
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 41ms
8ms Script
application/javascript 143.204.101.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: info.feedzai.com
URL: https://info.feedzai.com/e3t/Btc/T3+113/c1-l604/VX63vW8VBTXLW27Mkg72xBjNMW5g6HvJ4BwSgfN6TZ7tm3q3pBV1-WJV7CgY9pW6x5dkX1x5tSzW2g80-p8Q5RPhW3BTlnw3d-HS9N2B_wthJZmmcW4QRKVM24FrcXN3QHnd1gQT4KW8ZcYWV30B0fvW3RR-VH8gBBLRW4x55sR6cJGrlW4ktLsL2RT4dBW7c7Ngl3nGtDdW9km82J1SsNXKW4RQynq5VYx1WW7RkF5F4DWl_4W7YBgKZ8RqMKpW6m4SgM5l7nLDW7Jl2xy2fB2N3VCJRYh8N-pmFW8FRT1c1K2LqdVbjwwS4-zmmTW6dj3VG4hC-8vW2BQVrn3J5x7RW8sgpDf4mXKNkW6vVVrW608ngHW8rvWdY6VdW-HW3XFPPX7Y8T9BW6gYV5v8qNSdZN8jftGn838zzVDZKsx7Cgs3bVQJ_R-3n4Njz33Lg1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-98.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ef6b24ec78bb3ac4bdfa91d2abf4d9f2d4b543ad54c411d50e4307fc8677110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:14:35 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 22:59:53 GMT
server: AmazonS3
age: 2042
etag: W/"eb0a40c00c97d9640177205882172295"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uSY8ST3dxdLcOFy41eFSyvUAiynwhh2BuO-hz4qcRttOlPuiidozmg==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 323 B
560 B 144ms
34ms XHR
application/json 52.211.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAda7cab885-7b6e-4c97-bc02-a5ed6a2b9204,ss:%5B970.91,970.90,970.250,728.90,320.50,300.250%5D,p:/16059533/AmericanBanker/Article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a00b1fca-61e8-110e-a30f-a7f06061ed8e&url=https%253A%252F%252Fwww.americanbanker.com%252Fnews%252Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%253Futm_campaign%253D2022%252520Newsletter%2526utm_medium%253Demail%2526_hsmi%253D189424896%2526_hsenc%253Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%2526utm_content%253D189424896%2526utm_source%253Dhs_email
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 29f598b5c4ab12f1050d937eb14a1f6c1a44f06d11511daa21d0254737ddd532

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
x-server-name: app10.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 323 B
562 B 141ms
33ms XHR
application/json 52.211.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAd79dafaed-74e2-4b4c-8375-3dfc54216157,ss:%5B1.1%5D,p:/16059533/AmericanBanker/Article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a00b1fca-61e8-110e-a30f-a7f06061ed8e&url=https%253A%252F%252Fwww.americanbanker.com%252Fnews%252Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%253Futm_campaign%253D2022%252520Newsletter%2526utm_medium%253Demail%2526_hsmi%253D189424896%2526_hsenc%253Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%2526utm_content%253D189424896%2526utm_source%253Dhs_email
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 04438b396fa4db8671e14afe3b10934ab2fcb9d24129380e6eaaec162eae1c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
x-server-name: app05.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame EFFB 684 B
749 B 15ms
14ms Document
text/html 2a02:26f0:fb:5a0::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5a0::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

Accept-Ranges: bytes
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Content-Length: 379
Cache-Control: max-age=864000
Expires: Sun, 27 Mar 2022 03:48:36 GMT
Date: Thu, 17 Mar 2022 03:48:36 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 3484 2 KB
1 KB 91ms
88ms Document
text/html 185.167.164.51
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19&rnd=1573719260&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fnews%2ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.51 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

70af0fcee31dd2fb39a8806fd164de4d84c51923b9f52e8986d223b44bb7a57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

server: nginx
date: Thu, 17 Mar 2022 03:48:36 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 896E 33 KB
6 KB 33ms
32ms Stylesheet
text/css 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 3224
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-122-90
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
etag: W/"33843-1647349880000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 6ed2c1015c3dcc4a-ZRH
expires: Thu, 17 Mar 2022 05:48:36 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 896E 34 KB
7 KB 270ms
269ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=XUnXNMUrFF&version=1619704701000&language=en_US

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C0lev8rguZN
pragma
wn: prod-dash-10-0-114-196
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6ed2c1015c3ecc4a-ZRH
expires: Thu, 17 Mar 2022 23:48:36 EDT

GET
H3 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 896E 60 KB
12 KB 39ms
38ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.105.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad17f3e4887e34b70f3ce18b89ab672b2f4d5db65237e58d704055fdc80d54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 75239
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-89-195
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
etag: W/"61519-1647349880000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 6ed2c1015c3fcc4a-ZRH
expires: Fri, 18 Mar 2022 03:48:36 GMT

GET
H3 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 896E 520 KB
156 KB 51ms
49ms Script
text/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=14.105.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

978533e747c483e61d642a67d62c1319a217d2ce8ec65a68f193f9ccfa801a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3202
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-114-196
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=601598
x-optimized-by: _sam
cf-ray: 6ed2c1015c40cc4a-ZRH
expires: Thu, 24 Mar 2022 02:55:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 896E 5 KB
532 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

441e0467656e99238bd0547e5bdaac626664183d1f53903117e83dbfb2a45a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 02:39:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 03:48:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 03:48:36 GMT

GET
H2 200 americanbanker3x.png
images.newsletters.arizent.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/ Frame 896E 8 KB
9 KB 138ms
13ms Image
image/png 2600:9000:224a:3a00:8:2b19:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.newsletters.arizent.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/americanbanker3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3a00:8:2b19:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Mar 2022 09:16:01 GMT
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2019 20:35:59 GMT
server: AmazonS3
age: 325957
etag: "19d4923e2aa582a437a134b96bfaf2e3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=1296000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 8610
x-amz-cf-id: FAdbrzmCmnJJcjy2nIeUeMaY9LGWQcc1L1UQxLjJs0ncMGXoGA7WrA==

GET
H/1.1 200
OK icon-arrow-down-show-3x.png
source-media-brightspot-lower.s3.amazonaws.com/de/55/86a18aa047308959b772cc9fe6c0/ Frame 896E 1 KB
2 KB 471ms
133ms Image
image/png 52.217.44.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://source-media-brightspot-lower.s3.amazonaws.com/de/55/86a18aa047308959b772cc9fe6c0/icon-arrow-down-show-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.44.100 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c3c1db1885b0f1d07ded84a1dd2b4aa9e5a150e74c37c6f27e9ad9e76820ee84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:38 GMT
Last-Modified: Wed, 14 Apr 2021 20:08:55 GMT
Server: AmazonS3
x-amz-request-id: EKMPQN76FZ791TBG
ETag: "03078169ee60acf0e5340c8df1a668d9"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 1205
x-amz-id-2: eP4s7ny7WSF+8LxlgQRkx2njncVY39RfHpdvu6rCUiasHpMaevvhLgNTBQ/JSBQZKm8kvAJJVS8=

GET
H/1.1 200
OK icon-checkmark-benefits-3x.png
source-media-brightspot-lower.s3.amazonaws.com/e6/5a/cf83bdcb4154966bba0142ee706f/ Frame 896E 737 B
1 KB 413ms
116ms Image
image/png 52.217.44.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://source-media-brightspot-lower.s3.amazonaws.com/e6/5a/cf83bdcb4154966bba0142ee706f/icon-checkmark-benefits-3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.44.100 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5369beacf41380e4c6215ba0e5c1fbf7f454dfd686276b0559b1caf04584ea65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:38 GMT
Last-Modified: Wed, 14 Apr 2021 20:05:44 GMT
Server: AmazonS3
x-amz-request-id: EKMK795QCPXQTPD9
ETag: "c8e2d9524224f461e3d5a82b9a071f28"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 737
x-amz-id-2: 2uJ7FfLRRwWp2k7nV+rKGjRKi0pYDbYAsm+pyAhrJwfFcpPH2CMI2+Ja0eNz6rn2t613v/eP+1U=

GET
H3 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 3D4B 33 KB
6 KB 65ms
59ms Stylesheet
text/css 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT2ZKYIM82SF&offerId=fakeOfferId&experienceId=EXUG74XED9ZN&iframeId=offer_6d6f23005f39a439ca3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT2ZKYIM82SF&offerId=fakeOfferId&experienceId=EXUG74XED9ZN&iframeId=offer_6d6f23005f39a439ca3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 3224
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-122-90
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
etag: W/"33843-1647349880000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 6ed2c1017c49cc4a-ZRH
expires: Thu, 17 Mar 2022 05:48:36 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 3D4B 34 KB
7 KB 330ms
320ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=XUnXNMUrFF&version=1619704701000&language=en_US

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT2ZKYIM82SF&offerId=fakeOfferId&experienceId=EXUG74XED9ZN&iframeId=offer_6d6f23005f39a439ca3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C0lev8rK6IO
pragma
wn: prod-dash-10-0-116-98
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6ed2c1017c4ccc4a-ZRH
expires: Thu, 17 Mar 2022 23:48:36 EDT

GET
H3 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 3D4B 60 KB
12 KB 331ms
321ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.105.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad17f3e4887e34b70f3ce18b89ab672b2f4d5db65237e58d704055fdc80d54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT2ZKYIM82SF&offerId=fakeOfferId&experienceId=EXUG74XED9ZN&iframeId=offer_6d6f23005f39a439ca3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 75239
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-89-195
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
etag: W/"61519-1647349880000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 6ed2c1017c4fcc4a-ZRH
expires: Fri, 18 Mar 2022 03:48:36 GMT

GET
H3 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 3D4B 520 KB
156 KB 258ms
248ms Script
text/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=14.105.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

978533e747c483e61d642a67d62c1319a217d2ce8ec65a68f193f9ccfa801a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT2ZKYIM82SF&offerId=fakeOfferId&experienceId=EXUG74XED9ZN&iframeId=offer_6d6f23005f39a439ca3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3202
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-114-196
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=601598
x-optimized-by: _sam
cf-ray: 6ed2c1017c50cc4a-ZRH
expires: Thu, 24 Mar 2022 02:55:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3D4B 5 KB
532 B 29ms
19ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

441e0467656e99238bd0547e5bdaac626664183d1f53903117e83dbfb2a45a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 02:19:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 03:48:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 03:48:36 GMT

GET
H3 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 3FA0 33 KB
6 KB 73ms
69ms Stylesheet
text/css 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTMYWL61R4SU&templateVariantId=OTVL8YQFRN20O&offerId=fakeOfferId&experienceId=EX1EAFJ3ZC4Z&iframeId=offer_da42fa59356a9144bc04-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTMYWL61R4SU&templateVariantId=OTVL8YQFRN20O&offerId=fakeOfferId&experienceId=EX1EAFJ3ZC4Z&iframeId=offer_da42fa59356a9144bc04-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 3224
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-122-90
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
etag: W/"33843-1647349880000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 6ed2c1017c4acc4a-ZRH
expires: Thu, 17 Mar 2022 05:48:36 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 3FA0 34 KB
7 KB 255ms
245ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=XUnXNMUrFF&version=1619704701000&language=en_US

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTMYWL61R4SU&templateVariantId=OTVL8YQFRN20O&offerId=fakeOfferId&experienceId=EX1EAFJ3ZC4Z&iframeId=offer_da42fa59356a9144bc04-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C0lev8rmevf
pragma
wn: prod-dash-10-0-122-90
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6ed2c1017c51cc4a-ZRH
expires: Thu, 17 Mar 2022 23:48:36 EDT

GET
H3 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 3FA0 60 KB
12 KB 245ms
234ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.105.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad17f3e4887e34b70f3ce18b89ab672b2f4d5db65237e58d704055fdc80d54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTMYWL61R4SU&templateVariantId=OTVL8YQFRN20O&offerId=fakeOfferId&experienceId=EX1EAFJ3ZC4Z&iframeId=offer_da42fa59356a9144bc04-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 75239
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-89-195
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
etag: W/"61519-1647349880000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 6ed2c1018c52cc4a-ZRH
expires: Fri, 18 Mar 2022 03:48:36 GMT

GET
H3 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 3FA0 520 KB
156 KB 71ms
61ms Script
text/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=14.105.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

978533e747c483e61d642a67d62c1319a217d2ce8ec65a68f193f9ccfa801a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTMYWL61R4SU&templateVariantId=OTVL8YQFRN20O&offerId=fakeOfferId&experienceId=EX1EAFJ3ZC4Z&iframeId=offer_da42fa59356a9144bc04-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3202
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-114-196
last-modified: Tue, 15 Mar 2022 13:11:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=601598
x-optimized-by: _sam
cf-ray: 6ed2c1018c54cc4a-ZRH
expires: Thu, 24 Mar 2022 02:55:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3FA0 5 KB
532 B 29ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

441e0467656e99238bd0547e5bdaac626664183d1f53903117e83dbfb2a45a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 03:14:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 03:48:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 03:48:36 GMT

GET
H2 200 americanbanker3x.png
images.newsletters.arizent.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/ Frame 3FA0 8 KB
9 KB 12ms
11ms Image
image/png 2600:9000:224a:3a00:8:2b19:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.newsletters.arizent.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/americanbanker3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OTMYWL61R4SU&templateVariantId=OTVL8YQFRN20O&offerId=fakeOfferId&experienceId=EX1EAFJ3ZC4Z&iframeId=offer_da42fa59356a9144bc04-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3a00:8:2b19:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Mar 2022 09:16:01 GMT
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2019 20:35:59 GMT
server: AmazonS3
age: 325957
etag: "19d4923e2aa582a437a134b96bfaf2e3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=1296000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 8610
x-amz-cf-id: ACFVQBtxC-zTJr0ULF06R_7c0JAGU54sIn9dQ6AcPQqBbcwTSqWqfw==

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame EFFB 64 KB
22 KB 19ms
11ms Script
application/x-javascript 2a02:26f0:fb:5a0::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5a0::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:48:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 13:47:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21887
Expires: Thu, 17 Mar 2022 04:48:36 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 3 KB
2 KB 178ms
126ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&s=80018

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9234ff982022ced5d68350424bdb5cc4fc2ddf08601aac3f69279da211180d90

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.americanbanker.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtdYHPETk42JkrNiRcvzVyx90jiEEoUKqq4NQeko%2BJzBfdibfcHEy3IVrw7rWj94rOVwtE9mfjPZvLFhNIXmsK5eiU9mO%2FQX9F70H1LMGRIK5Yq6xFO2yLro4bA1uzs7rAqEJFql4mUKbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6ed2c101da2f999e-CDG
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 42ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.americanbanker.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 48ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.americanbanker.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 419 B
249 B 65ms
50ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=196171691525988&correlator=4155822570935173&eid=31064151%2C31065485%2C31065651%2C21068767&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=16059533%2CAmericanBanker%2CArticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1993589879&sfv=1-0-38&ecs=20220317&fsapi=false&prev_scp=pos%3Dnative-in-article1%26id%3D200b96b7-a5a5-11ec-b79a-02c49424d9cb%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70&eri=1&cust_params=topics%3Dfraud-detection%252Ccrime-and-misconduct%252Cfraud%252Claw-and-regulation%26storyID%3D0000017c-a454-d8ad-a37f-e5f5ba1d0001%26PID%3Dnull%26ZetaSegments%3Dnull%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&abxe=1&dt=1647488916121&lmt=1647488916&dlt=1647488914269&idt=789&biw=1600&bih=1200&adxs=293&adys=1462&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&frm=20&vis=1&scr_x=0&scr_y=0&psz=730x0&msz=730x0&fws=4&ohw=1600&ga_vid=89691567.1647488915&ga_sid=1647488916&ga_hid=92692563&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

464afb6a974d430541fb126996772d026d9521c671412a7c7694ad313315ba30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CE0 6 KB
4 KB 86ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 17 Mar 2022 03:48:36 GMT
expires: Fri, 17 Mar 2023 03:48:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
21 KB 91ms
90ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=196171691525988&correlator=4155822570935173&eid=31064151%2C31065485%2C31065651%2C21068767&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=16059533%2CAmericanBanker%2CArticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x91&ifi=2&adks=383289919&sfv=1-0-38&ecs=20220317&fsapi=false&prev_scp=pos%3Dcollapsed_header1%26id%3D200bbe69-a5a5-11ec-8a73-0231bf2059f1%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70&eri=1&cust_params=topics%3Dfraud-detection%252Ccrime-and-misconduct%252Cfraud%252Claw-and-regulation%26storyID%3D0000017c-a454-d8ad-a37f-e5f5ba1d0001%26PID%3Dnull%26ZetaSegments%3Dnull%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&abxe=1&dt=1647488916153&lmt=1647488916&dlt=1647488914269&idt=789&biw=1600&bih=1200&adxs=436&adys=143&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x80&msz=728x40&fws=4&ohw=1600&ga_vid=89691567.1647488915&ga_sid=1647488916&ga_hid=92692563&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7d67a78f4835aaee27e0eec01ffc283da9f85de115af25d04a7a32bbf2b14058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21184
x-xss-protection: 0
google-lineitem-id: 5892011455
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379340884
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C15B 0
15 B 15ms
14ms Document
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.americanbanker.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.americanbanker.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Thu, 17 Mar 2022 03:48:36 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 323 B
560 B 37ms
34ms XHR
application/json 52.211.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAd596d3566-2d4d-4b7e-be11-6184018c5259,ss:%5B300.250,300.600,300.1050%5D,p:/16059533/AmericanBanker/Article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a00b1fca-61e8-110e-a30f-a7f06061ed8e&url=https%253A%252F%252Fwww.americanbanker.com%252Fnews%252Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%253Futm_campaign%253D2022%252520Newsletter%2526utm_medium%253Demail%2526_hsmi%253D189424896%2526_hsenc%253Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%2526utm_content%253D189424896%2526utm_source%253Dhs_email
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8423661d9cf1fe1727d90009cf1e63228f55ad975938af9553100e84f5d18fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
x-server-name: app01.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 323 B
561 B 35ms
35ms XHR
application/json 52.211.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAd0777c8d0-cd49-49b6-8d86-815436114ab7,ss:%5B300.250,300.600%5D,p:/16059533/AmericanBanker/Article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a00b1fca-61e8-110e-a30f-a7f06061ed8e&url=https%253A%252F%252Fwww.americanbanker.com%252Fnews%252Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%253Futm_campaign%253D2022%252520Newsletter%2526utm_medium%253Demail%2526_hsmi%253D189424896%2526_hsenc%253Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%2526utm_content%253D189424896%2526utm_source%253Dhs_email
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fdf59b5e0439d77d23bbb522b1770f3ef4ab4e3b21b207ca054e6ab0c10da70b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
x-server-name: app07.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7167388295226932863&pixelIndex=0&_=1647488915352
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7167388295226932863&pixelIndex=0&_=1647488915352&google_gid=CAESEN2bFmo8iXNIYYI4Qr_Di3s&google_cver=1

0
598 B

104ms
104ms

Script
text/javascript

34.230.94.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7167388295226932863&pixelIndex=0&_=1647488915352&google_gid=CAESEN2bFmo8iXNIYYI4Qr_Di3s&google_cver=1
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Server: 34.230.94.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-94-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7167388295226932863&pixelIndex=0&_=1647488915352&google_gid=CAESEN2bFmo8iXNIYYI4Qr_Di3s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 40ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=7167388295226932863
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame EFFB 47 B
638 B 78ms
21ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 9afcdc9bc7abf2058d32b42897c79942a504500fe4aace7a9b30633b496bcc08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
last-modified: Fri, 17 Sep 2021 03:48:36 GMT
server: Jetty(9.4.28.v20200408)
etag: 293q44stot10m2g2qm004dg0v6
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 47
expires: Fri, 17 Mar 2023 03:48:36 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 3484 43 B
947 B 57ms
13ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1472086&t=2

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19&rnd=1573719260&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fnews%2ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:36 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3623078f-71d2-40ca-8459-602987529caa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
ib.adnxs.com/ Frame 3484 43 B
1019 B 16ms
14ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?add=26609450

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:36 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f136bf87-2b2e-45b4-91a0-1a93d48ec24e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 66ms
65ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=196171691525988&correlator=4155822570935173&eid=31064151%2C31065485%2C31065651%2C21068767&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=16059533%2CAmericanBanker%2CArticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600%7C300x1050&ifi=3&adks=1540969794&sfv=1-0-38&ecs=20220317&fsapi=false&prev_scp=pos%3Dbigbox1%26id%3D201cfc23-a5a5-11ec-8d25-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70&eri=1&cust_params=topics%3Dfraud-detection%252Ccrime-and-misconduct%252Cfraud%252Claw-and-regulation%26storyID%3D0000017c-a454-d8ad-a37f-e5f5ba1d0001%26PID%3Dnull%26ZetaSegments%3Dnull%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie=ID%3D151959aa9812e1f1%3AT%3D1647488916%3AS%3DALNI_MZPquWDo4sCXW3WPAb9fuQMc40LQQ&abxe=1&dt=1647488916227&lmt=1647488916&dlt=1647488914269&idt=789&biw=1600&bih=1200&adxs=1070&adys=224&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&frm=20&vis=1&scr_x=0&scr_y=0&psz=301x1169&msz=301x290&fws=516&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=89691567.1647488915&ga_sid=1647488916&ga_hid=92692563&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

45faef19b2cdb78bb0aac82f063ab2280499ac4825e43dfb34a9298c687a6ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12538
x-xss-protection: 0
google-lineitem-id: 5892857402
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138382361375
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
9 KB 73ms
72ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=196171691525988&correlator=4155822570935173&eid=31064151%2C31065485%2C31065651%2C21068767&output=ldjh&gdfp_req=1&vrg=2022031001&ptt=17&impl=fif&sc=1&iu_parts=16059533%2CAmericanBanker%2CArticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=4&adks=2615755361&sfv=1-0-38&ecs=20220317&fsapi=false&prev_scp=pos%3Dbigbox2%26id%3D201d4a8d-a5a5-11ec-ab00-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70&eri=1&cust_params=topics%3Dfraud-detection%252Ccrime-and-misconduct%252Cfraud%252Claw-and-regulation%26storyID%3D0000017c-a454-d8ad-a37f-e5f5ba1d0001%26PID%3Dnull%26ZetaSegments%3Dnull%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie=ID%3D151959aa9812e1f1%3AT%3D1647488916%3AS%3DALNI_MZPquWDo4sCXW3WPAb9fuQMc40LQQ&abxe=1&dt=1647488916238&lmt=1647488916&dlt=1647488914269&idt=789&biw=1600&bih=1200&adxs=1070&adys=514&oid=2&ucis=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&frm=20&vis=1&scr_x=0&scr_y=0&psz=301x1419&msz=301x290&fws=516&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=89691567.1647488915&ga_sid=1647488916&ga_hid=92692563&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8b29b9470b38b4e11340436fe81368485ee0871ac1396a8345a39715338881cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9291
x-xss-protection: 0
google-lineitem-id: 5942541543
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383852127
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.americanbanker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 3484 24 KB
10 KB 34ms
12ms Script
application/javascript 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1662401&lid=56730269&ctype=0&media=0&PageName=American_Banker+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19&rnd=1573719260&cpref=&loc=https%3a%2f%2fwww.americanbanker.com%2fnews%2ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 24 Mar 2022 03:48:36 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30FC 0
0 101ms
34ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQuV0frImWe9BKatIgB41lMGpQ3BQ0PeekLU3nyZa9bF6U_KXaUvqYGnRUda-tbYl6SHniIQHNKeG_33n4Ug2vferyw1XSsDPga4ZyEFghSiwUjZ0MHyLVvVUikj0cof_Kqo42zDdivEe0zYdGUcPlWzb3o_W_BI8rl5SHQkp4s2HleqSbD_kyfNdKk2OfEGfmDdyZJpFtdKWBrUoIhO2LCSjqjukR2WAlRWE9e5ggl7IOViiSvcMXM9K_CLgkwvHeRMRmOU0N1aQd8jzl42DOBXPzsrzHWTrEZ7yxhP3zAJNFLPlrroujtltc4Jde1ovbOZW3py7bU0J4ABnLNj1qK8v30lQsZLTXm-TJSBGVu4JqovalKkiGksr3ImjyzaIBYZGPJqz23gYXqz4mE_P0y4A&sig=Cg0ArKJSzLQJ6RJIEITFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 30FC 41 KB
15 KB 51ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 13:40:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30FC 117 KB
36 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 03:48:36 GMT

GET
H2 200 952085813504984156
s0.2mdn.net/simgad/ Frame 30FC 95 KB
96 KB 79ms
12ms Image
image/jpeg 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/952085813504984156

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6251714af3a4e8da633e997488ebbefa449f422ee1b1eeb3f050dfbc614f2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 06:12:41 GMT
x-content-type-options: nosniff
age: 509756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97786
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 17:20:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Mar 2023 06:12:41 GMT

GET
H2 200 lo.js Show response
d20519brkbo4nz.cloudfront.net/core/ 11 KB
5 KB 56ms
11ms Script
application/javascript 2600:9000:2156:3400:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d20519brkbo4nz.cloudfront.net/core/lo.js
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3400:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0dd2994a679ea0b4cfdb57f490a602ceaed5d9ccc9d440e19f03392eff06bd5

Request headers

Referer: https://www.americanbanker.com/
Origin: https://www.americanbanker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
content-encoding: gzip
age: 1345
x-cache: Hit from cloudfront
content-length: 4235
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 17:53:06 GMT
server: AmazonS3
etag: "1e2d9e872323cc09f9b4bb9909b21712"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 2H0liYnWwB5aF2mkj8MtyvlmXmo6y1sHAYF-tv7QXYQJHsLfIzR23Q==

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 42D9 287 KB
93 KB 33ms
10ms Script
application/javascript 143.204.101.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=ce8f9a1
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-98.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92f65d433b40a4c4719b742357563d08b1c16d6396571933da9f02f9ef7424d8

Request headers

Referer
Origin: https://www.americanbanker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:02:40 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1313158
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
etag: W/"16e967413dfa0346be281513c77581b9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GjlulFE6kgciC9F3hQWWFL7DltG29-ORB8FPoZeVwslLCw2jGi-4WQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B1F3 0
0 32ms
31ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuywwI1pEDicC7nB_qmQGFYJpeyB7w2BVTRy7k4FUQJ6BGT2hOAq_BSUeDg880LQFrxUvtH-Alf97R6hQo4jujZ0AQFjuZLrkWXjDzZui3-inMT-qR0BbwsfoIZYf3YTDBtYBWACrbf0lhQlSSxL74JFxax2_UMakPAXlI9A-_QWmEUlsfEJ7Sq5v0JOzo7Im3teCYepPZAHTeodxjE2h2qid84uBi-kG0ZFwHxOdgeKFW698Ztx4a4psNczInLZP3SzswqxJ0PJhEEGWoUaCWgLjqDvS61JU6xHCxdEESPZDMTabGse7Gig130E_TID5tFZxHnh-7vszF6exvO&sig=Cg0ArKJSzH0B9YzaHd72EAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame B1F3 2 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 03:32:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1F3 117 KB
36 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 03:48:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B1F3 0
0 21ms
19ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMEyzQ_WwjvqeX3igPmjGBGorCCsrL_SD3hgI3kOYIPdqVtHhhlX0tyc1CS0HZWRdoy5QM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 17408321368371519538
tpc.googlesyndication.com/simgad/ Frame B1F3 61 KB
61 KB 15ms
14ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17408321368371519538

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c621b00fbbdeaa4e5858330a454ff0aa109b2a7fa1e85f41fb27a9a03f7069f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:36:12 GMT
x-content-type-options: nosniff
age: 155545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62317
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 21:25:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 08:36:12 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 64ms
30ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_whirs&c=sf&s=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FA7 6 KB
3 KB 26ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 03:48:36 GMT
expires: Fri, 17 Mar 2023 03:48:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame EFFB 43 B
467 B 50ms
19ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.3.1&typ=pgv&rnd=l0ugd2o9yw7sbzei&sid=1141965811121236457&loc=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&new=1&arf=0&ltm=1647488915627&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l0ugd3ar8wfcvjgc&ckp=l0ugd2o1d1do4kkv&glb=&amo=1634926732.352&cp_userState=anon&cst=293q44stot10m2g2qm004dg0v6
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H2 200 americanbanker3x.png
images.newsletters.arizent.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/ Frame 896E 8 KB
9 KB 75ms
14ms Image
image/png 2600:9000:224a:3a00:8:2b19:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.newsletters.arizent.com/nudges/content/d688c78356fc42cc21b6aa7da6be4a8d/8859f8ce/images/americanbanker3x.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT58MDPVHWE9&offerId=fakeOfferId&experienceId=EXU42OJOR406&iframeId=offer_d036536c7c50b6eb3855-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3a00:8:2b19:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Mar 2022 09:16:01 GMT
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2019 20:35:59 GMT
server: AmazonS3
age: 325957
etag: "19d4923e2aa582a437a134b96bfaf2e3"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=1296000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 8610
x-amz-cf-id: 9rt8Hklu_BqxRZ_1dEPthBEbpjr1J_EvcRhbLxWsTHIBSxt52sSyfg==

GET
H2 200 rules-p-59TDtw8Xc0wSM.js Show response
rules.quantcount.com/ Frame 3484 784 B
1 KB 45ms
12ms Script
application/javascript 2600:9000:2156:2a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-59TDtw8Xc0wSM.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 713fc9f8abe79cb80fc0207cbd722d60746e79796a09a208942691386394473a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age: 690
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 784
last-modified: Mon, 19 Jul 2021 19:53:53 GMT
server: AmazonS3
etag: "f375410bb18e492a5621549c766bae93"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: I4jy7PyFukO0ILTFGtiJwBPREjGfiPhsfMIOuHwRt6WZr1FfkDtGWA==

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 116 B
689 B 61ms
19ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l0ugd2o1d1do4kkv%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22293q44stot10m2g2qm004dg0v6%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22293q44stot10m2g2qm004dg0v6%22%7D%5D%2C%22siteId%22%3A%221141965811121236457%22%2C%22location%22%3A%22https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email%22%7D&callback=cXJsonpCBl0ugd3ms82t28nwz

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

0a399a985644edae38fd3765157f06f8c7e4fa6b5ae6bcbe11d0c3b48ff09563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:37 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 116
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 30FC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8228de0c4c65ce2092fc715487981ef46855c826edc0a3f2b0627ef505d5e9cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 2ED7 47 KB
13 KB 89ms
30ms Script
application/javascript 52.211.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=970x250&pubId=80481493&chanId=93394093&placementId=5892011455&pubCreative=138379340884&pubOrder=2970374088&cb=670559346&custom=collapsed_header1&adsafe_par&impId=200bbe69-a5a5-11ec-8a73-0231bf2059f1&custom2=2022%20Newsletter&custom3=hs_email_email
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fd2785400971f2569f65a0fafa0e70a5162af8c6bc2a04a5941884ed3b0126af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:37 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B1F3 0
0 47ms
31ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTZdL94FNSLfL_sw0cOalXchwlWn7A4oqZqocMyCPCrbAeMyLf5wdl_XrzzTNSjEMHsqnmCNmHFAuGtupxMpl3EXlUc-ZfqhmsnpLoXA7z63CB0vFKW802t8BaRO5pnOHd4hVQT0wcc2itiDnKqNgSmLGCY1oVOsFq6tV0oLS9QCjvF3l5NrypE7xgQ42byTvk2MlEeU9CWj3NZIbLyYKNen7FJs5uD-xjjFYAZW-g7yIiJEEs2vPaIxFoGhlzdhmmGRTQphddtC6udsYqPltTNwkj5Nkm8pWEffhQEmkLS_gvJsQj9h6ewhIoYNDb7aj6EFMSo-5p5axheToR88E&sig=Cg0ArKJSzKcGTzDtVkvaEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 03:48:37 GMT

GET
DATA 200
OK truncated
/ Frame B1F3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a5ccbce45d67fadba3ae9c26b5728649f20f25c80dae024a69baabc77ac1a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B47F 47 KB
13 KB 55ms
52ms Script
application/javascript 52.211.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=5090446010&chanId=93394093&placementId=5892857402&pubCreative=138382361375&pubOrder=2970457083&cb=2142491812&custom=bigbox1&adsafe_par&impId=201cfc23-a5a5-11ec-8d25-06d8cca89c2a&custom2=2022%20Newsletter&custom3=hs_email_email
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d0201b765179aaff875c4a2e951b91a44df8311d9a8f182637d88afd0c2f467

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:37 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 896E 2 KB
3 KB 31ms
31ms Image
image/png 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
cf-cache-status: HIT
age: 3227
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-114-196
last-modified: Tue, 15 Mar 2022 13:25:12 GMT
server: cloudflare
etag: W/"2177-1647350712000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6ed2c104cd4fcc4a-ZRH
expires: Thu, 17 Mar 2022 05:48:37 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 896E 23 KB
23 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 29887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame 896E 23 KB
23 KB 29ms
15ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 29886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 30FC 0
0 32ms
32ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbDEhyMC4AT4s-nK8k8jgWzVZzkdCUYfpy7aIksh2wJ7157gi0gV0G97S7Wq0hZXIDpjC2gVVm5q6i9nS6GXSe8yj_DApgY1_SjW051ku6O7YdHiHJ_CkOktbBo9sbrHjFkrSNzjzCRF2vOFX3lQ3yQRX7uohR2QKkuhZfG_ofLv5R2yYSe_g7z-im3ifRpLI5t6nuBD4iiSShRKYwz-SD0LOUVMl0Rz_Yc9Pcdk26l0-CSWQm7H4SJPdxNr00FFpN2zKaGfV2ppwq4fg0GP96ZUQ00pwBlDimRvcND-olWfk6uEaJPvBQLB5d2OGztR25bIIijzzmYxmPKvhtJG8&sig=Cg0ArKJSzNVM4t0wqWmCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 03:48:37 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A4F4 22 KB
8 KB 25ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 22:16:44 GMT
expires: Tue, 14 Mar 2023 22:16:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 192713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 80018 Show response
settings.luckyorange.com/ 165 B
181 B 134ms
125ms Fetch
application/json 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/80018
Requested by: Host: d20519brkbo4nz.cloudfront.net
URL: https://d20519brkbo4nz.cloudfront.net/core/lo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 548cadb46f2b92d88090b94a52ee774cb37ac9be4e169afc7cb8a34b4cb047b5

Request headers

Referer: https://www.americanbanker.com/
Accept-Language: de-DE,de;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.americanbanker.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165

OPTIONS
H2 200 80018
settings.luckyorange.com/ Frame 0
0 141ms
115ms Preflight 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/80018
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lucky-uid
Origin: https://www.americanbanker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.americanbanker.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-max-age: 86400
date: Thu, 17 Mar 2022 03:48:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/ Frame 2FA7 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/abg_lite_fy2019.js

Requested by

Host: cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
URL: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 03:23:59 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2FA7 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
URL: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 11:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Mar 2023 11:48:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FA7 117 KB
36 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
URL: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 03:48:37 GMT

GET
H2 200 pixel;r=964215480;labels=_fp.event.American%20Banker%20Easy%20Tag;event=refresh;rf=0;a=p-59TDtw8Xc0wSM;url=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1662401%26lid%3D56730269%26cty...
pixel.quantserve.com/ Frame 3484 35 B
472 B 24ms
11ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=964215480;labels=_fp.event.American%20Banker%20Easy%20Tag;event=refresh;rf=0;a=p-59TDtw8Xc0wSM;url=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1662401%26lid%3D56730269%26ctype%3D0%26media%3D0%26PageName%3DAmerican_Banker%2BUniversal%2BTag%26orderid%3DUNIQUE_ORDER_ID%26sysvars%3D%257corderid%253dUNIQUE_ORDER_ID%257c%257c%257c%2540%2540%257cpid%253dOFFER_ID%257cpnm%253dProductRatePlanName%257c%26itm%3DeyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsInN2MSI6Ii9uZXdzL2ZyYXVkc3RlcnMtcHJleS1vbi1iYW5rLWN1c3RvbWVycy1yZXR1cm5pbmctdG8tdG91cmlzdC1ob3Qtc3BvdHMiLCJpdG1zIjpbeyJwaWQiOiJPRkZFUl9JRCIsInBubSI6IlByb2R1Y3RSYXRlUGxhbk5hbWUifV19%26rnd%3D1573719260%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.americanbanker.com%252fnews%252ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spot;ref=https%3A%2F%2Fwww.americanbanker.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-300530397-1647488916682;pbc=;ns=1;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=a2.adform.net;je=0;sr=1600x1200x24;dst=0;et=1647488916681;tzo=0;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 3FA0 2 KB
3 KB 36ms
36ms Image
image/png 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
cf-cache-status: HIT
age: 3227
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-114-196
last-modified: Tue, 15 Mar 2022 13:25:12 GMT
server: cloudflare
etag: W/"2177-1647350712000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6ed2c105ad88cc4a-ZRH
expires: Thu, 17 Mar 2022 05:48:37 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame 3FA0 23 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 29886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 3FA0 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 29887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 3D4B 2 KB
3 KB 35ms
34ms Image
image/png 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:37 GMT
cf-cache-status: HIT
age: 3227
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-114-196
last-modified: Tue, 15 Mar 2022 13:25:12 GMT
server: cloudflare
etag: W/"2177-1647350712000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6ed2c105ed9bcc4a-ZRH
expires: Thu, 17 Mar 2022 05:48:37 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame 3D4B 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 29886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 3D4B 23 KB
23 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 29887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
H2 200 main.gr.19.8.299.js Show response
static.adsafeprotected.com/ Frame 2ED7 189 KB
60 KB 50ms
9ms Script
application/javascript 2600:9000:2156:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=970x250&pubId=80481493&chanId=93394093&placementId=5892011455&pubCreative=138379340884&pubOrder=2970374088&cb=670559346&custom=collapsed_header1&adsafe_par&impId=200bbe69-a5a5-11ec-8a73-0231bf2059f1&custom2=2022%20Newsletter&custom3=hs_email_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 20:37:01 GMT
content-encoding: gzip
age: 803497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Mar 2022 19:11:01 GMT
server: AmazonS3
etag: W/"587738d3e44b43a2620f42eb51d89fbf"
vary: Accept-Encoding
x-amz-version-id: kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: 7wsH7LhNIDJPk17VfjFUC0OK5wjB0AfBqeFkrXhy1hljtIQRUFD7lw==

GET
H2 200 main.gr.19.8.299.js Show response
static.adsafeprotected.com/ Frame B47F 189 KB
60 KB 62ms
23ms Script
application/javascript 2600:9000:2156:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=300x250&pubId=5090446010&chanId=93394093&placementId=5892857402&pubCreative=138382361375&pubOrder=2970457083&cb=2142491812&custom=bigbox1&adsafe_par&impId=201cfc23-a5a5-11ec-8d25-06d8cca89c2a&custom2=2022%20Newsletter&custom3=hs_email_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 20:37:01 GMT
content-encoding: gzip
age: 803497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Mar 2022 19:11:01 GMT
server: AmazonS3
etag: W/"587738d3e44b43a2620f42eb51d89fbf"
vary: Accept-Encoding
x-amz-version-id: kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: LQfl0fga8QJuMCmvyjBSbZJCI3NG06txfuJjSVBonEL0OUQylfexCA==

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 2FA7 109 KB
38 KB 30ms
14ms Script
text/javascript 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
URL: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/
Origin: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 12:02:29 GMT

GET
H3 200 Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js Show response
pagead2.googlesyndication.com/bg/ Frame A4F4 35 KB
14 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13802
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 22:15:46 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/257653/4987953324/1646755542812/ Frame A524 15 KB
4 KB 34ms
17ms Document
text/html 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c8fb519b1b2e5da2520d210be9bba38527b0c39f162101b0c9b4b22838a28f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 4352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 06:12:46 GMT
expires: Thu, 17 Mar 2022 06:12:46 GMT
cache-control: public, max-age=86400
age: 77751
last-modified: Tue, 08 Mar 2022 16:05:43 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2FA7 0
23 B 51ms
50ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUt-TwY-OJnKrl5fkHiAUiFeEFvyCKkfd2hp4KP2_ouimncg7V6DYRGJYhRV7uezbISD6sK5DNK7JfLrRKYe0K56BDnGnNkFQoAJAhv-2-TRAcDpd-ririyBkaTbRFKat7qaYzttrCCr-Pk8KaJ8N4z2K2X8xxPOQbZQV3zLnbAN-umwTuHpY7MrmW7JomSnK22FztsDfKgmsXkAz4wLvQZZLjYDE5lViccXMq-slihKacktJQLm8nHczhDpqueWfX0tHBxkf0bP4XicnLWTmAwSg-K5fVEm28aW6pS85aB3PkDzvl15PIUU0b5zT4vPf0ts4awwnvgockkD8S&sig=Cg0ArKJSzFAfa318URPGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
URL: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame A8AA 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:2156:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 2555434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: jUO1lq6ncyUe-AxL1OaujfyZAVPkNyO0wS988PypGn36xSpvGfwCvQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 33ms
33ms Image
image/gif 52.211.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=11046&campId=970x250&pubId=80481493&chanId=93394093&placementId=5892011455&pubCreative=138379340884&pubOrder=2970374088&cb=670559346&custom=collapsed_header1&adsafe_par&impId=200bbe69-a5a5-11ec-8a73-0231bf2059f1&custom2=2022%20Newsletter&custom3=hs_email_email&adsafe_url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.americanbanker.com%2F&adsafe_type=f&adsafe_jsinfo=,id:86ba0be6-5f2e-ad0a-174c-ae4eb6efef68,c:75sYr9,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-67cb66fbd5-xnvck,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:204,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C191%7C1a1,idMap:17*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:235,oid:204f085d-a5a5-11ec-9dca-b2ac617fee38,v:19.8.299,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:37 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 307ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sYrc,pingTime:-8,time:237,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:237,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:233,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B27~100%5D,as:%5B27~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C191%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:37 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 39BA 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:2156:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 2555434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: YfumB-zSKUuabH7WvHigFyWWHpv0P3pELy5PiGLNyROJvgw1MHQd7w==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 32ms
32ms Image
image/gif 52.211.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=11046&campId=300x250&pubId=5090446010&chanId=93394093&placementId=5892857402&pubCreative=138382361375&pubOrder=2970457083&cb=2142491812&custom=bigbox1&adsafe_par&impId=201cfc23-a5a5-11ec-8d25-06d8cca89c2a&custom2=2022%20Newsletter&custom3=hs_email_email&adsafe_url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.americanbanker.com%2F&adsafe_type=f&adsafe_jsinfo=,id:5f7acfb8-f584-966c-2740-a500cef00f16,c:75sYrR,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-67cb66fbd5-hkfv8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1070.474.300.250,am:i,cc:1070.474.300.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:260,fm:t0j5B9y+111%7C121%7C131%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C19*.11046%7C191%7C1a1,idMap:19*,pl:,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:276,oid:204fcc81-a5a5-11ec-9faf-62c6279d31fb,v:19.8.299,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-143.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:37 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 9908eecc962e3bd8e09fd0af49011217.js Show response
s0.2mdn.net/dfp/257653/4987953324/1646755542812/ Frame A524 78 KB
20 KB 21ms
20ms Script
text/javascript 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/9908eecc962e3bd8e09fd0af49011217.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b7d6e3088742f967c75903f8403a8b4a042860ca896c0ddb67eef147e7eb6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20431
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:05:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 06:12:46 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 268ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sYsZ,pingTime:0,time:348,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:233%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:348,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:233,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B138~100%5D,as:%5B138~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C191%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 266ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=5f7acfb8-f584-966c-2740-a500cef00f16&tv=%7Bc:75sYt9,pingTime:0,time:355,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:275%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:355,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:275,wc:0.0.1600.1200,ac:1070.474.300.250,am:i,cc:1070.474.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B93~100%5D,as:%5B93~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17.11046%7C171%7C1721%7C173%7C18%7C19*.11046%7C191%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 263ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sYts,pingTime:-2,time:377,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:348,beZ:350,mfA:553,cmA:555,inA:555,inZ:562,prA:562,prZ:572,si:584,poA:587,poZ:610,cmZ:610,mfZ:610,loA:699,loZ:703,ltA:726,ltZ:726%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:233%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:377,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:233,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B168~100%5D,as:%5B168~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C19.11046%7C191%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/16059533/AmericanBanker/Article_0,google_ads_iframe_/16059533/AmericanBanker/Article_0__container__,googleAda7cab885-7b6e-4c97-bc02-a5ed6a2b9204%5D,sinceFw:139,readyFired:true%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt58.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 263ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=5f7acfb8-f584-966c-2740-a500cef00f16&tv=%7Bc:75sYtv,pingTime:-2,time:377,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:290,beZ:292,mfA:551,cmA:552,inA:552,inZ:554,prA:554,prZ:562,si:567,poA:567,poZ:602,cmZ:602,mfZ:602,loA:647,loZ:649,ltA:668,ltZ:668%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:275%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:377,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:275,wc:0.0.1600.1200,ac:1070.474.300.250,am:i,cc:1070.474.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B115~100%5D,as:%5B115~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17.11046%7C171%7C1721%7C173%7C18%7C19*.11046%7C191%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,slid:%5Bgoogle_ads_iframe_/16059533/AmericanBanker/Article_2,google_ads_iframe_/16059533/AmericanBanker/Article_2__container__,googleAd596d3566-2d4d-4b7e-be11-6184018c5259,scrollContainer%5D,sinceFw:100,readyFired:true%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 d4e614d022bddd3daf6fa1050b4b4029.png
s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/ Frame A524 14 KB
14 KB 15ms
14ms Image
image/png 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/d4e614d022bddd3daf6fa1050b4b4029.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11f99ec8e40b3c97670090f5f47e7ddc2a2fc76881c97ae731695493ffd591d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:46 GMT
x-content-type-options: nosniff
age: 77751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14814
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:05:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 06:12:46 GMT

GET
H3 200 e170bddd2cee2fde410bc84bb7b162ce.svg
s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/ Frame A524 11 KB
2 KB 16ms
15ms Image
image/svg+xml 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/e170bddd2cee2fde410bc84bb7b162ce.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d5142f2c70adff867e98ceda596f2160f3f0930b19462348bd07aaab4ca36c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2127
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:05:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 06:12:46 GMT

GET
H3 200 e7f883caeebac126e2e5def8efbf3016.svg
s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/ Frame A524 4 KB
1 KB 18ms
17ms Image
image/svg+xml 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/e7f883caeebac126e2e5def8efbf3016.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ece479bf861fa98087d36c0acc059976b8c649d8086d5e8b40248717a57678d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:05:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 06:12:46 GMT

GET
H3 200 4617c866d30a410b65e5b2115575484c.svg
s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/ Frame A524 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/4617c866d30a410b65e5b2115575484c.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf59590597bf2213724fc3b38bc3b5a397ad9a1f29734fba233b1c50fb3a8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:05:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 06:12:46 GMT

GET
H3 200 1c2c6c3914733a39e7319565dbb96837.svg
s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/ Frame A524 3 KB
1 KB 18ms
17ms Image
image/svg+xml 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/1c2c6c3914733a39e7319565dbb96837.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d616f8f8bbfc67dc9ae707aadbbd75144f70b800c7c79ab0fc2c9559bb62297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1460
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:05:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 06:12:46 GMT

GET
H3 200 453927e53d9fe502e270c961355b821f.svg
s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/ Frame A524 13 KB
3 KB 18ms
17ms Image
image/svg+xml 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/453927e53d9fe502e270c961355b821f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9ace2e478f62e9aba9e6404150fd0a09bedbff02313863ada0236420810a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3215
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:05:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 06:12:46 GMT

GET
H3 200 263e9c108e2499309c116cb3890f80b2.svg
s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/ Frame A524 2 KB
731 B 15ms
14ms Image
image/svg+xml 2a00:1450:400e:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/media/263e9c108e2499309c116cb3890f80b2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4f9d411525faa23f3c022b344c0416cff1ab3e54fd534a3a6d37e1dbcfddc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/257653/4987953324/1646755542812/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 705
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 16:05:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 06:12:46 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 98ms
98ms Script
text/javascript 34.230.94.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=7568712%2C6451507%2C6745137&cl=342&pixelIndex=0&r=199286&tzOffset=0&url=https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email&id=7167388295226932863&_=1647488915353
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.94.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-94-213.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1019 B 14ms
14ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=827&add=7568712,6451507,6745137

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5d808c35-8cbe-4cad-908c-23d6c7277e91
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 43 B
947 B 21ms
21ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=803560&t=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d6a3eac7-aa61-4618-9549-ada8ffdf4fc3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2FA7 0
0 33ms
33ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspRWvBofi5UpvtzbCGAjf09Ij2Mr7pInBssue5z2yVCfhIs59poMX3ESmootCjIZ22N2Cc98FKLnrQNuDfTF87XX78s0nl-nG6QP3M_fQ2PfzA2wpfHkZ083UWMpOg6FVsmNx4wLtIICeqSbeIBp2y4pb7EvHKKBKSfhrMlVpbHUHZyE9AF5HhwLRwFog6RZKyzZJXfHAnRai9dJjWXXdmXgsMuQPj4R2yDLbaE7zUHvAcy3W9SC6w81FDkwJpWqC7cuv4CPagl9FUcIcxItowZDGQiE543KhBaQt2FYr-SUfdaRK-uXTrv5p5kRB0nVV26HMTt0IJM3ZmQqhH6dM&sig=Cg0ArKJSzF8LJAMfFarUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 03:48:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A4F4 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRNUVlK8yYs61NMWC3gO2j7yQDgAAAAA4AeAEAg&bg=!AQKlAkbNAAba2mK92to7ACkAdvg8Wnsd4OAYgrqYtFf_Etu42lzqF_wLHQwAn3mpfM1l4ocWnmhUxQIAAAG_UgAAAANoAQeZAwP4ZJPQa1GSuAQeKFIVzGcxq17H_GPNZv5K7kPNUZllghgwGia_xxgJtFXOocR2AvRzrLiP9UcMu9h96Z_bG2vDVeJHatQXcpvL7vj9Hm7_rUYGO_ywIdhJEOcqrx_vWYc9wntoo0P47rzmt8Z8t7FHdPAsxMwgFIHjVBno-SfMd0ttHujCCz9vDWSM5wcds2yuR8v1zVKcB3Vdr_P42WELTwdWrfb0PmoLXXbvRM_XfMsa5ncwtzZw-itO-lkISMUU9b5njyTkLzypcwST-_TIGfSXqSJv1Y78o44D8nCxvjs6Zv7nnSMVhg1ACgmZAOwm07CH7Gkjy8Rr-982QzQFPkiI0ZlwGUyR-zWpx5fJ_EA2M-ev5-DYKGO1CEJ5T5rXfS_82e2UMY9iX3ZPxuBnSZmTK7rK6qY_aC4a3VI6aayYJvh-qIY72ZRWKSrpWKvU9dgcvdvTwc2_e3Sj3hqHnlRahyu-sB0pLzq2KqfCTR7o1V-aHv9eP1zQBtBdryhelp9iLGav9evpd1U6uHYeg2WIQFGGJvlQpdayCw9bUuKeVCpwtjkHI_7YVoQ-QObUjvcpprUqV7XZtwlEOBPmF2JPRL5kzwDFaodrDvm7HviNe17HayxQ2DkLwK1wYiVixC63GPB57s1p9lY_dhv4-G6ABeWIftu8IcughzuIqRKxRm7g6UXEocSLNNcTzoWxIDMX0OSGuwcPAvTTX-IbNNUJ08pjIhU9CNJZFrFrithy7YHPp3JxGsj8dGUYQj_y_yJzIPZ3bdAapCnJogubfoNSb0o0cFSDWtpDwp0HmvZ9-Nz7rxQ3aMECp9QP5St4Pcy85jGGdqvxbXxjoKl04xEV9h-ULzHgcDLgo1ublefV4PJNSqM-qh_Waoax2NVqJhhG_KfRkSLbeZlYEIIpqWfDkjV1UGQq1ZkRta4gCvGSpehgKTKYX_s1o6TT80brfzi1KYI0tyQk5dMz2pmJdF-HU_hdOk7vorVdVh8jW5mC8hhtbgciRLzy-xiBSL2lK6c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 95ms
95ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sYx9,time:606,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:606,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:233,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B397~100%5D,as:%5B397~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:338,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C19.11046%7C191%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 98ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=5f7acfb8-f584-966c-2740-a500cef00f16&tv=%7Bc:75sYxa,time:604,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:604,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:275,wc:0.0.1600.1200,ac:1070.474.300.250,am:i,cc:1070.474.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B342~100%5D,as:%5B342~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17.11046%7C171%7C1721%7C173%7C18%7C19*.11046%7C191%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=u
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 88ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sYyz,pingTime:-10,time:694,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1647488917471%7C%7Ca62ebfc20d329d69b3b780f1157ca9a3%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C705f1dfd2cdd50695b419d561ddaf8ee%7C%7C9af258a2f90af160590567fa97cd78d5%7C%7Cb7dd8d13018062c8e689b48b5ee6a1b6%7C%7Cbdb44fb5cf34152a60780da21c3a52cc%7C%7C5fc82303b37b600e50b902987de6bba5%7C%7C1629390669%7D
Requested by: Host: www.americanbanker.com
URL: https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%20Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B1F3 42 B
64 B 30ms
16ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTRi0gYs8Rc6XnTwRNuwqHQJJzkbcCvYu0j6ZwiK_0svWmOc1oBg66ZWc6jo1CXib0VSEhX2RcFwRa3trGn3_mewZg-O-QQYRJZR8tbhxZR-NKP6Wg&sig=Cg0ArKJSzCWC9RwxkyZSEAE&id=lidar2&mcvt=1000&p=474,1070,724,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1540969794&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647488916316&rpt=167&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 22ms
21ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5029f53ccdca2424d3c5d8662d9669e02ca9d0c036dbc23daf251af0f436618e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 03:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10504
x-xss-protection: 0

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 8ms
8ms Image
image/png 143.204.101.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-98.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:59:56 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
age: 1313323
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1283
x-amz-cf-id: zJv4-6vkOQMlOfJVNWWbqn9x_re3B7dVkAtmnMgEnL9wxBfkHMjsQw==

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 9ms
8ms Image
image/png 143.204.101.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-98.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:59:56 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
age: 1313323
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: QyWdLH4UsC4gzig4749d0pe_Y342xsR-aGIgXKvuWehrr6KvqAYZSw==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
617 B 9ms
9ms Image
image/png 143.204.101.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-98.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:59:56 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
age: 1313323
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 277
x-amz-cf-id: 7_NfLACh7iNnDfptSjhokypmttAOcfWO-4CALiEAacbQ6J80Nql6xw==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031001.js?cb=31065651

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 03:48:38 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30FC 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsun3-6efvvDW6NU3MwVYaKYtF2IK-iucZFQ8ajkXIxkGDxhTMiAb3Eg6stxgKS-3sBxGg5m3bBbqyJO-h_0dpXC-0wkIUXIOdI5na1Ljr4oquqjOPSba_Gjq8EFnDYrMubncxAtD0GnjlvikkZdITwPEtp8LfMvEKTH7Nu0pJIO4Ki2QMiqeg&sig=Cg0ArKJSzI_BOBJA6TzDEAE&id=lidar2&mcvt=1110&p=163,315,413,1285&mtos=1110,1110,1110,1110,1110&tos=1110,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=383289919&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647488916277&rpt=292&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 978A 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 22:36:34 GMT
expires: Thu, 16 Mar 2023 22:36:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 18724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3788 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

85c74e39cd6d8842801bf153c166c073eca5df5f90bd78a76ca2230d9e8f4258

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-on1jy1CSBs5Ka5ISFj39gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 17 Mar 2022 03:48:38 GMT
date: Thu, 17 Mar 2022 03:48:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-on1jy1CSBs5Ka5ISFj39gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3788 0
0 60ms
60ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031001&jk=196171691525988&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 978A 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 22:09:11 GMT

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 14ms
14ms Stylesheet
text/css 143.204.101.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=ce8f9a1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-98.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:59:56 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 22:59:52 GMT
server: AmazonS3
age: 1313323
etag: W/"7144eaceff0b31347712515a6116074e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uwb87Az9LCZ5vFqcjrdHsSNSxhq5DoYEbbbeIOIxLXl28knOKFRWwA==

GET
BLOB 200
OK df6f20ab-05dc-4bdc-a03b-25d822bb9ebd
https://www.americanbanker.com/ Frame 42D9 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.americanbanker.com/df6f20ab-05dc-4bdc-a03b-25d822bb9ebd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK e81a89cf-c548-4f2b-b7e1-ef544f693a83
https://www.americanbanker.com/ Frame 42D9 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.americanbanker.com/e81a89cf-c548-4f2b-b7e1-ef544f693a83
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 31224

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 978A 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nmd1Ww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 03:48:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sYJ9,pingTime:1,time:1350,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:233%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1350,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:233,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1140~100%5D,as:%5B1140~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:91,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C19.11046%7C191%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 89ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sYJ9,pingTime:1,time:1350,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:233%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1350,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:233,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1140~100%5D,as:%5B1140~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:91,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C19.11046%7C191%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 101ms
101ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sYJa,pingTime:1,time:1351,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:233%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1351,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:233,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1141~100%5D,as:%5B1141~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:91,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C19.11046%7C191%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 88ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=5f7acfb8-f584-966c-2740-a500cef00f16&tv=%7Bc:75sYJj,pingTime:1,time:1357,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:275%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1357,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:275,wc:0.0.1600.1200,ac:1070.474.300.250,am:i,cc:1070.474.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1095~100%5D,as:%5B1095~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:100,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17.11046%7C171%7C1721%7C173%7C18%7C19*.11046%7C191%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt58.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=5f7acfb8-f584-966c-2740-a500cef00f16&tv=%7Bc:75sYJj,pingTime:1,time:1357,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:275%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1357,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:275,wc:0.0.1600.1200,ac:1070.474.300.250,am:i,cc:1070.474.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1095~100%5D,as:%5B1095~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:100,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17.11046%7C171%7C1721%7C173%7C18%7C19*.11046%7C191%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:publ1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=5f7acfb8-f584-966c-2740-a500cef00f16&tv=%7Bc:75sYJk,pingTime:1,time:1358,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:275%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1358,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:275,wc:0.0.1600.1200,ac:1070.474.300.250,am:i,cc:1070.474.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1096~100%5D,as:%5B1096~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:100,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17.11046%7C171%7C1721%7C173%7C18%7C19*.11046%7C191%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:grpm1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 98ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=5f7acfb8-f584-966c-2740-a500cef00f16&tv=%7Bc:75sYL4,pingTime:-10,time:1466,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1647488917471%7C%7Ca62ebfc20d329d69b3b780f1157ca9a3%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C705f1dfd2cdd50695b419d561ddaf8ee%7C%7C9af258a2f90af160590567fa97cd78d5%7C%7Cb7dd8d13018062c8e689b48b5ee6a1b6%7C%7Cbdb44fb5cf34152a60780da21c3a52cc%7C%7C5fc82303b37b600e50b902987de6bba5%7C%7C1629390669,sca:%7Bspg:86ba0be6-5f2e-ad0a-174c-ae4eb6efef68%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:38 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FA7 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0gBh_38kb-uLw4p12oMEKbu1qEqQvQmWXo1r_iigbuYNgjey1-IrNY9_EtRnOJ-SHyTZHZHEGaB2kEH-R-ivwg8tmfxOOfIhrZ5GmD5dHsDPcgo6p&sig=Cg0ArKJSzG-SXdGxNmqJEAE&id=lidar2&mcvt=1000&p=764,1070,1014,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=2615755361&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647488916338&rpt=984&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
31ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031001&jk=196171691525988&bg=!SEulSw_NAAba2mK92to7ACkAdvg8WmRVzMih6M3ZXiQz9O771Ad4rfLdd6MPlM48ihjiT1yuV2oB7gIAAACfUgAAAAZoAQcKAKcVUPDAZq0V-HsfbzZGyjTkU9HjS1DKCjPmtJg1cvyUluG_ixne5q7gSfeufMben-G7RWmtCiFd9S2ZCWfQRRKxLkkWXRd0LjagCuPqG474o8F5wYKupleBDVznMFiUZCuBf5ky6xiCjCSrHh2NDYVC7GAAb05o6R3J1xgKovtecoSDCdWIqX2OFEpi9HUyEo6PkLKHVp59D06HNxej9-omrWpaNrpcJZkC0IkEnmtOP3UXBi_OnZa2HmqwbgI68jWVKA9w3uBfAnlyS2SisZpEMy-wXMaCGnpW47xsV1fR5Yaa3RduuEIodG_VNYku9P-Z6bfCsreK_zXWMumGiDEeo7QtUw4fcjMo98bV_uHMevQsBOlZmGhe6UMwQAzwPjd-m7lbEUevuin6CiBrBadWOgf307-VSbenPS0zSw1-C7jQafemK6z-5YtW9rmtqnvXqz7qBRJSw0q4ywad6rJE0wW5-IWpP-lqTv5XE5yDKtpMWtmp28euhXDH-1aoicB6OEEdEr09nzYVBWf_ezdvZg_sjaRwdq_iH-xZQyt2p-_vS-QpGz2-SoosM-mAS-pC-hZCVtcaG7LwayVR26yIrkv-zPopN4ZbkQsApfYdGmWwG7QUhaykfNkrUNWSRf6ITAvb3Z-OswgGPo13gFf2U3y70HM5ZBDNYMMNa3t_jsiTy4TiSzcDSJH7uVnt8cVxD_eTI1ELv4I1SbEJG5qFwDszXsKtTvw1DYelLbrzwV1u7LnrMNFED-ev1euSmPlf_1ojbCv_R0jztRH_Y_4BOWGx2OlB3KtsbKhK5B7dGBoLg3R5CgCVdyTzToqc44hHpZdNVXdObhA02DOC2SW8U7aZHGymMXVBlrBTjCG9RFJpuY0OHxy-nJXsdeziXtpvu4LrM2wlFLH3ujUC8apaXJ6lVN6GIBP-wP0-RzmqtFFRNGc6dXEymtorPu81nAwadqFACuuimHYwHrzeOpu867vCn5auQL8bGijnY7kUM4Hl7WZbE5iGiL0oIOsOwkVhrb_8GOdSV8nmUpGAwjgRT339Nl25kw8Q24VkNiMgObDN5PS8nY0i6cKtGt8lN_Q2h9QeZebpVbxbpvKWHgRGQblo9APgx6pQSNJnhVc9lCLDEXYDOTHABNm845FIfokcBLRLeAIMBSetDSy5RssgiJ4mSdvxTG0cNQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 03:48:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 97ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=86ba0be6-5f2e-ad0a-174c-ae4eb6efef68&tv=%7Bc:75sZLS,pingTime:5,time:5363,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:233%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5363,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:233,wc:0.0.1600.1200,ac:315.163.970.250,am:i,cc:315.163.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5153~100%5D,as:%5B5153~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:108,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17*.11046%7C171%7C1721%7C18%7C19.11046%7C191%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:42 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=11046&asId=5f7acfb8-f584-966c-2740-a500cef00f16&tv=%7Bc:75sZLX,pingTime:5,time:5365,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:275%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5365,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:275,wc:0.0.1600.1200,ac:1070.474.300.250,am:i,cc:1070.474.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5103~100%5D,as:%5B5103~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:104,fm:t0j5B9v+111%7C121%7C131%7C14%7C15%7C16%7C17.11046%7C171%7C1721%7C173%7C18%7C19*.11046%7C191%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.americanbanker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 03:48:42 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.americanbanker.com/news	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.info.feedzai.com/	1969-12-31 23:59:59	Name: __cfruid Value: 22a8dbf6e4a4d87b4f690eb287be7ed54ac75ef9-1647488914
www.americanbanker.com/	1970-01-20 03:47:44	Name: sm_utm_source Value: hs_email
www.americanbanker.com/	1970-01-20 03:47:44	Name: sm_utm_medium Value: email
www.americanbanker.com/	1970-01-20 03:47:44	Name: sm_utm_campaign Value: 2022 Newsletter
www.americanbanker.com/	1970-01-20 03:47:44	Name: sm_utm_content Value: 189424896
.americanbanker.com/	1970-01-20 10:23:44	Name: btIdentify Value: a5b377a0-9d3a-4729-ed22-84475cd636ff
.americanbanker.com/	1970-01-20 01:38:12	Name: _bts Value: 5db56ebf-b96b-435f-e949-0a08b1f81f9e
.americanbanker.com/	1970-01-20 03:47:44	Name: _gcl_au Value: 1.1.162771521.1647488915
.bing.com/	1970-01-20 10:59:44	Name: MUID Value: 246CFC536E1E6EB23958ED396F756F76
www.americanbanker.com/	1970-01-20 01:38:09	Name: __adblocker Value: false
.americanbanker.com/	1970-01-20 19:09:20	Name: _ga Value: GA1.2.89691567.1647488915
.americanbanker.com/	1970-01-20 01:39:35	Name: _gid Value: GA1.2.700317624.1647488915
.americanbanker.com/	1970-01-20 01:39:35	Name: _uetsid Value: 1f31b090a5a511eca736357733737091
.americanbanker.com/	1970-01-20 10:59:44	Name: _uetvid Value: 1f31b5d0a5a511ecbae457a8a2a82027
www.americanbanker.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.adnxs.com/	1970-01-20 03:47:44	Name: uuid2 Value: 7167388295226932863
.americanbanker.com/	1970-01-20 10:23:44	Name: _bti Value: %7B%22app_id%22%3A%22sourcemedia-prod%22%2C%22bsin%22%3A%22P9jfepBKJ2EAFzPcclXjicuSycmSOybWe%2BqRCzRcLIXW03yhD1GQmdKVaU6XcpSqKUexszdorWMcGRCIBXaTMw%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.linkedin.com/	1970-01-20 02:21:20	Name: UserMatchHistory Value: AQIdAkGTooBYcAAAAX-V_dpyRKIOvZWd9BuZcbmadv_AejLngmaZEzq_dbWzTYeLWP3qbyXIam7sqg
.linkedin.com/	1970-01-20 02:21:20	Name: AnalyticsSyncHistory Value: AQKcJmr0xsUwNQAAAX-V_dpyQ87-9JRdHxhdYJjeY9CF32n91vQWzfWkcwEbFUu9fmQ_O48rtOINMLTiJSuj8A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:10:02	Name: bcookie Value: "v=2&9303b57d-5198-41f1-8744-006d33f401d9"
.linkedin.com/	1970-01-20 01:39:35	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2653:u=1:x=1:i=1647488916:t=1647575316:v=2:sig=AQGhBxm_kI185VPhoYMywR14HhhT7vYx"
.tinypass.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: D8E14350F0E6D46B3FDFA8301907EDC6
id.tinypass.com/	1970-01-20 01:38:09	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB7762878622FE3FB50BB8FE52E1D4CB8E7806775D00D66108726CDE569BBC369A649D742E49E7A56B637FA9DBA66996A7490A67AF3
.doubleclick.net/	1970-01-20 10:59:44	Name: IDE Value: AHWqTUlNDmuUlApA1TELFmksEvm3aRdb0HJv2rrbPmp0JVkYKJvChn2Hi_gWiIYX
.americanbanker.com/	1970-01-20 03:47:44	Name: _fbp Value: fb.1.1647488915501.1230237876
.americanbanker.com/	1970-01-20 01:38:08	Name: _dc_gtm_UA-219761-28 Value: 1
.americanbanker.com/	1970-01-20 01:38:08	Name: _dc_gtm_UA-219761-100 Value: 1
.americanbanker.com/	1970-01-20 01:38:10	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.americanbanker.com/news/fraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots?utm_campaign=2022%2520Newsletter&utm_medium=email&_hsmi=189424896&_hsenc=p2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw&utm_content=189424896&utm_source=hs_email%22%2C%22sref%22:%22%22%2C%22sts%22:1647488915561%2C%22slts%22:0}
.facebook.com/	1970-01-20 03:47:44	Name: fr Value: 0fj7luqFDW3JGOyoh..BiMq-U...1.0.BiMq-U.
.americanbanker.com/	1970-01-20 11:07:32	Name: _parsely_visitor Value: {%22id%22:%22pid=4e6ac8c87b0a7746e82f86b3f19ff82c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1647488915561}
.americanbanker.com/	1970-01-20 01:38:10	Name: kw.session_ts Value: 1647488915607
.americanbanker.com/	1970-01-20 01:39:35	Name: kw.pv_session Value: 1
www.americanbanker.com/	1970-01-20 03:47:44	Name: __pnahc Value: 0
.americanbanker.com/	1970-01-20 01:38:10	Name: _sp_ses.52ee Value: *
.americanbanker.com/	1970-01-20 10:59:44	Name: _sp_id.52ee Value: 19756ba6-956f-4785-8b78-c7f244838142.1647488916.1.1647488916.1647488916.562b768f-d3d1-4701-ad9c-a70d3ee93d0e
.adform.net/	1970-01-20 02:22:43	Name: C Value: 1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:10:02	Name: bscookie Value: "v=1&20220317034836b2b05733-bfaf-40d9-89d9-22434a348d09AQGY-RHLlV74MJ3T-K9HkqM2lDKIYLuw"
.linkedin.com/	1970-01-20 18:58:42	Name: li_gc Value: MTswOzE2NDc0ODg5MTY7MjswMjFhVpKWAldWdcSw/CXid86//3oD1NQ7n8TllK+3npyvJQ==
.piano.io/	1970-01-20 01:38:10	Name: __cf_bm Value: CE1Z_gOIblYOOSywHwdeXm4Om4O9Zo1oHjO0rdB40Ng-1647488916-0-AZ7NENKZ5Ye0KSLuNOu96uu4x7t9i+dgjdgNNYXG3lT6XBZv3BdhmFCABAPrIApbSW3u+yZZ4b8SC6Psp69ec14=
.americanbanker.com/	1970-01-20 19:09:20	Name: __tbc Value: %7Bkpex%7DQxMvPvNkPGANvxZoNaG9QXimyXFC2zRJ9M8OKQhuz5VIYC4C7spk7AHGSlQHPDnd
.americanbanker.com/	1970-01-20 19:09:20	Name: cX_P Value: l0ugd2o1d1do4kkv
.americanbanker.com/	1970-01-20 02:21:20	Name: __pat Value: -14400000
.americanbanker.com/	1970-01-20 01:39:35	Name: __pvi Value: %7B%22id%22%3A%22v-l0ugd2o99sd6b0wd%22%2C%22domain%22%3A%22.americanbanker.com%22%2C%22time%22%3A1647488915845%7D
.adform.net/	1970-01-20 03:04:29	Name: uid Value: 8611449085685996718
.americanbanker.com/	1970-01-20 19:09:20	Name: xbc Value: %7Bkpex%7DllEMH50J4BOdpFsQwLEAxy7mWrlRlfp_mGINKPJfJKwps5lhbWWHugi5EATwFIML3fIwqMpZucakZ8t9uAwaACDILKReRKAw6-JYnwLmOq6PafWN3kAL9Uz90f93QC7uLzOZSzp8qCLolfUn5YwDG0J0I1CpevzD8x2vOmx10wLx3ZrCmaPENFg1RiV_tQMedCrmkgHt8yiv82vPFcqElfGbGNL3XGAO4YmDRaGJP3SRiGNjiYlQI1lsJS_vMxQvHhAuLTvfUPNowuTD9SrNeGU7X5i3QdOpuhiaNTVccdRoB8wplyjJ4PCPct7T88Ng0fyP3Hseq6mLnGKZtmhNdDI0UYA9y548ozoA2NbmsyfthZK6vCDhoTWmr1am3QOTKmr-n-j2AZ_nsjdivZbjwcnPr0B1k2YxilOod3Bgvzvf-w3XVf2FjpyEUDJvFSvzS-8RvYaSFFGdk5p1kIAjluIxEC70GOuBHGbJaqtY3wFCnusWPts4PS_4SP3ejeMCXxHoel7m22Z8vspuItjrPMy-p7UedTCDWReP9-T7IETJpxhKdL-y5vQum8xCsHbnOwx_VbotqgwRrOUwZz1nQLBLQEzoh8yu5ISgE9692PA
www.americanbanker.com/	1970-01-20 01:39:35	Name: _pc_subscription_promo Value: true
.americanbanker.com/	1969-12-31 23:59:59	Name: cX_S Value: l0ugd3ar8wfcvjgc
.dpmsrv.com/	1970-04-11 02:04:48	Name: dpm_pxl Value: 8d985bb15288f2ba919ef90addf909c993f93ecd
.dpmsrv.com/	1970-04-11 02:04:48	Name: dpm_pxl_aid Value: 7167388295226932863
.americanbanker.com/	1970-01-20 10:59:44	Name: __gads Value: ID=80f6c27234609b39:T=1647488916:S=ALNI_MZBuICAfvi_Ix5GVyQIeb-Fv1NK4g
.cxense.com/	1970-01-20 10:23:44	Name: gckp Value: 1m5m2fr580xvl3n47rcuat8zu8
.tinypass.com/	1970-01-21 13:38:08	Name: LANG Value: en_US
.tinypass.com/	1970-01-20 01:39:35	Name: LANG_CHANGED Value: en_US
.quantserve.com/	1970-01-20 03:47:44	Name: d Value: EM4BBgHXJQISAeT0iw2e6bRu
.quantserve.com/	1970-01-20 11:08:23	Name: mc Value: 6232af95-5da22-0ddf1-1a16c
.americanbanker.com/	1970-01-20 10:23:44	Name: cX_G Value: cx%3Ausb7a0hvbprk2r8zfpcmwsylz%3Aj0292ca46zwx
.adnxs.com/	1970-01-20 03:47:44	Name: anj Value: dTM7k!M4/8D>6NRF']wIg2GTtmukZ0!h*(x#MOY-PlZ[C[-kX-_r9!n
.dpmsrv.com/	1970-04-11 02:04:48	Name: xdpm_segsid_342 Value: 7568712%2C6745137%2C6451507
.dpmsrv.com/	1970-04-11 02:04:48	Name: xdpm_segs_342 Value:
.americanbanker.com/	1970-01-20 19:09:20	Name: _lo_uid Value: 80018-1647488916834-f7f33dd528f5b674
.americanbanker.com/	1970-01-20 01:38:09	Name: _lorid Value: 80018-1647488916834-1898eb8f6d028eba
.americanbanker.com/	1970-01-20 10:23:44	Name: _lo_v Value: 1
.americanbanker.com/	1970-01-20 05:57:20	Name: __lotl Value: https%3A%2F%2Fwww.americanbanker.com%2Fnews%2Ffraudsters-prey-on-bank-customers-returning-to-tourist-hot-spots%3Futm_campaign%3D2022%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D189424896%26_hsenc%3Dp2ANqtz-8warLdyKP-fsVpTGyZGt0aqlQD_wiohcM-ftT_sTVfbgrfXJCGVuc6h0n-7OZt_7Z-9JsG4Te6cBsklyFa8aqtNPkfXw%26utm_content%3D189424896%26utm_source%3Dhs_email
www.americanbanker.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 6.021

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=7167388295226932863 Message: Failed to load resource: the server responded with a status of 451 ()
rendering	error	URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=XUnXNMUrFF&templateId=OT2ZKYIM82SF&offerId=fakeOfferId&experienceId=EXUG74XED9ZN&iframeId=offer_6d6f23005f39a439ca3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.americanbanker.com(Line 74) Message: Error: <svg> attribute height: Expected length, "auto".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
a2.adform.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.zetaglobal.net
arizent.brightspotcdn.com
bat.bing.com
buy.tinypass.com
c2.piano.io
cb8179670440cf2a55312c2e28b635cf.safeframe.googlesyndication.com
cdn.adsafeprotected.com
cdn.boomtrain.com
cdn.cxense.com
cdn.keywee.co
cdn.parsely.com
cdn.tinypass.com
cm.g.doubleclick.net
comcluster.cxense.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d20519brkbo4nz.cloudfront.net
dt.adsafeprotected.com
events.api.boomtrain.com
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.cxense.com
id.tinypass.com
idsync.rlcdn.com
images.newsletters.arizent.com
info.feedzai.com
ml314.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
people.api.boomtrain.com
pixel.adsafeprotected.com
pixel.keywee.co
pixel.quantserve.com
polyfill.io
px.ads.linkedin.com
px4.ads.linkedin.com
rules.quantcount.com
s.dpmsrv.com
s0.2mdn.net
s2.adform.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
settings.luckyorange.com
settings.luckyorange.net
snap.licdn.com
source-media-brightspot-lower.s3.amazonaws.com
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
vjs.zencdn.net
www.americanbanker.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.npttech.com
104.244.36.20
13.107.42.14
142.250.181.226
142.250.184.194
142.250.185.226
143.204.101.222
143.204.101.98
143.204.98.25
143.204.98.6
143.204.98.65
147.75.83.64
172.67.75.100
18.232.216.152
18.66.245.59
18.66.248.35
185.167.164.51
185.33.220.240
2600:9000:2156:1600:8:48e:53c0:93a1
2600:9000:2156:2a00:6:44e3:f8c0:93a1
2600:9000:2156:3400:18:6c16:27c0:93a1
2600:9000:2156:a800:e:ec66:e40:93a1
2600:9000:224a:3a00:8:2b19:8600:93a1
2606:2c40::c73c:67fe
2606:4700:3032::ac43:bf95
2606:4700::6810:7baf
2606:4700::6810:f015
2606:4700::6811:b7b1
2606:4700::6811:bab1
2620:116:800d:21:fcb8:22d2:d390:5f1b
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2001
2a00:1450:4001:802::2008
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c06::9c
2a00:1450:400e:80d::2006
2a02:26f0:6c00::210:ba20
2a02:26f0:fb:5a0::268b
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a04:4e42:200::729
2a04:4e42::282
34.107.203.234
34.195.203.63
34.230.94.213
35.244.174.68
37.157.6.234
52.205.167.202
52.211.64.143
52.217.44.100
52.31.189.28
52.45.201.131
54.88.65.136
99.86.113.122
04438b396fa4db8671e14afe3b10934ab2fcb9d24129380e6eaaec162eae1c05
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a399a985644edae38fd3765157f06f8c7e4fa6b5ae6bcbe11d0c3b48ff09563
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c9ace2e478f62e9aba9e6404150fd0a09bedbff02313863ada0236420810a35
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f99ec8e40b3c97670090f5f47e7ddc2a2fc76881c97ae731695493ffd591d4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
1d6e1e3ed8b806cc3f64651e7aa288c22a45d0b332e9f985f3f5a4434900b846
1f2b6c5613e703f11e27309ad9e7115cabb98e70acb07b7417a3e68b6e083e24
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
27e93d58299bbec64669d53c70f172936cb995c8ef3f168847e2636614db4ccc
29f598b5c4ab12f1050d937eb14a1f6c1a44f06d11511daa21d0254737ddd532
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c621b00fbbdeaa4e5858330a454ff0aa109b2a7fa1e85f41fb27a9a03f7069f
2c8fb519b1b2e5da2520d210be9bba38527b0c39f162101b0c9b4b22838a28f1
2d5f7ed178594d09e25e87cba0e328167a6e48d2508b4a4898ee7f05c21c0a69
2ece479bf861fa98087d36c0acc059976b8c649d8086d5e8b40248717a57678d
2ef6b24ec78bb3ac4bdfa91d2abf4d9f2d4b543ad54c411d50e4307fc8677110
355bd6e718bd8ec01295e014ed41981c31243e49815088268a3d0e7d1ae4109c
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
40d8d1f1b34cecad6116b978e438510ed516cdd8a694b97c7125fa2469b07b65
441e0467656e99238bd0547e5bdaac626664183d1f53903117e83dbfb2a45a87
45faef19b2cdb78bb0aac82f063ab2280499ac4825e43dfb34a9298c687a6ee6
464afb6a974d430541fb126996772d026d9521c671412a7c7694ad313315ba30
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5029f53ccdca2424d3c5d8662d9669e02ca9d0c036dbc23daf251af0f436618e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ef77c247263fdc6e0308a69334a3064176a1f4803e90eb0b45370231044fb2
53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
5369beacf41380e4c6215ba0e5c1fbf7f454dfd686276b0559b1caf04584ea65
548cadb46f2b92d88090b94a52ee774cb37ac9be4e169afc7cb8a34b4cb047b5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b9d2d2849305918fe661cce7bdb8dcdbc83bb18c170884e625d2b2dd417210
59a717e69bec72ad009181785a1a65b674d1c01e77e04bdc718deb02a9b97671
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5f792fe255fbfcd352fe4b2f759c95980e57d8d297939e12262d9be1e87f48c4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
691d7aff3bbf0c068e9b4a2cd3975efdf0ea041f45d1d2e6621baf91de9970b8
6b377a566b9e8e639823a036e09dc56ec5b21a967ec6cdfd8cf1cd6758975e00
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d616f8f8bbfc67dc9ae707aadbbd75144f70b800c7c79ab0fc2c9559bb62297
707c15a2d21d4a5049eb2a54e82f591693f5065f678e9776777ca93a59688dde
70af0fcee31dd2fb39a8806fd164de4d84c51923b9f52e8986d223b44bb7a57d
713fc9f8abe79cb80fc0207cbd722d60746e79796a09a208942691386394473a
7234816209f5ffff423a5ff520c6144d69a2443439607f7ace4ac68b32c65f60
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7640e8d43665a07616ae1b3671ed16186ce3239c56776a5409673ceb955cb1b9
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79baec8122da15d50dadf74e665e73e22592990e0241f5ebcc6e1210f468597f
7d67a78f4835aaee27e0eec01ffc283da9f85de115af25d04a7a32bbf2b14058
7f05f33d16a204d5c70774e73f2e0310c38c99cc490db5b703762305b75dfbfd
81595dfe48cb94f7cfe66001c8d6c37c476a3df59e98f2f58166489d7a0564a1
8228de0c4c65ce2092fc715487981ef46855c826edc0a3f2b0627ef505d5e9cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8423661d9cf1fe1727d90009cf1e63228f55ad975938af9553100e84f5d18fba
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85c74e39cd6d8842801bf153c166c073eca5df5f90bd78a76ca2230d9e8f4258
8630a941e8f60d5b4a3bb4f1e8dade10d2cc72a37bfdaf8161be225d9d95acdf
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8b29b9470b38b4e11340436fe81368485ee0871ac1396a8345a39715338881cb
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8d0201b765179aaff875c4a2e951b91a44df8311d9a8f182637d88afd0c2f467
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
9117852bb64ba272123bad5259c90fe34447a8faf1eec13c115774b449c86022
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9234ff982022ced5d68350424bdb5cc4fc2ddf08601aac3f69279da211180d90
92f65d433b40a4c4719b742357563d08b1c16d6396571933da9f02f9ef7424d8
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
953219844164f5895a1095838eb475aea814baec518f2c7827e9b6551963275f
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
978533e747c483e61d642a67d62c1319a217d2ce8ec65a68f193f9ccfa801a61
9ad17f3e4887e34b70f3ce18b89ab672b2f4d5db65237e58d704055fdc80d54c
9afcdc9bc7abf2058d32b42897c79942a504500fe4aace7a9b30633b496bcc08
9b7d6e3088742f967c75903f8403a8b4a042860ca896c0ddb67eef147e7eb6fa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66176229882908d4a804b804674b9fcfc534927ffc16fcd75a091f8019723d9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa4850def422236b7120b2f04ac5d30eae7e84c4cea5e2965b2effcd53820696
af049cb9878153af170de62d07701370f22c95c9b652fe4f9fa078ea6d7034d4
b0b45543904bae95d15c9d72e7d55eee749a4b32ede7c71bcf9d199ebbcdfeda
b0dd2994a679ea0b4cfdb57f490a602ceaed5d9ccc9d440e19f03392eff06bd5
b11fd0fc6d03ed65bcaed58a5cd4fd69aa6ab56e5133574b9fcc88ec9baaa8ec
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
b6251714af3a4e8da633e997488ebbefa449f422ee1b1eeb3f050dfbc614f2a5
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
be7ea855987b00a3adce44f4d01951955cb595901d2db95018048aeeb519f7b7
c3c1db1885b0f1d07ded84a1dd2b4aa9e5a150e74c37c6f27e9ad9e76820ee84
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbf59590597bf2213724fc3b38bc3b5a397ad9a1f29734fba233b1c50fb3a8fa
cc439afff8beca06ec6cb95d2eb8721fc124eb6767662de5b3f0724bdd4ad8cd
cd5489dc88fd8e9e9ea9cacf8077f8b20446d10fab97186491fe62079051a10d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0fcbee3a7a17ed9b3543b7e3329024c4a423cb243e8db6132d26eb3674b15f8
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d5e1876373576f4110b6ad82c25041aa2e9762cc4a417939eeb20e654818a818
d8c71e5a3ee2f64d7d09ab80360faf8e4f0056f869fb62d42cfd59a04b0c1285
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dc787ae67e8df20ee771bbf9757fcfc40a3eda5521792e4b8b83de20192b3aae
e0171cba4fe8f5f665e3b19043b7ea21190a1a815f12ef09e3eec273bb099f5f
e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e575afbd2dc9bf0aeeec790bb06050768203e6fc20901973b61abf33aa05586b
e7a5ccbce45d67fadba3ae9c26b5728649f20f25c80dae024a69baabc77ac1a9
ea3905ee7d8e4261f58b6096d97b2d9fa4f89221e076ed0b7ce73a5e83d98490
eb4f9d411525faa23f3c022b344c0416cff1ab3e54fd534a3a6d37e1dbcfddc5
ec70cfb1ce0aed65c10ebc00451fef58c830dbe4c02db1ba4115e7e3442c3c80
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d5142f2c70adff867e98ceda596f2160f3f0930b19462348bd07aaab4ca36c
f6e27ba5667915fb23851129787e6d6c848f0b1b306d49467050543b157ef8c3
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fd2785400971f2569f65a0fafa0e70a5162af8c6bc2a04a5941884ed3b0126af
fdf59b5e0439d77d23bbb522b1770f3ef4ab4e3b21b207ca054e6ab0c10da70b

www.americanbanker.com Open in urlscan Pro 143.204.98.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

219 Requests

95 %HTTPS

55 %IPv6

43 Domains

73 Subdomains

63 IPs

6 Countries

4046 kBTransfer

13342 kBSize

67 Cookies

14 Outgoing links

Page URL History

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.americanbanker.com Open in urlscan Pro
143.204.98.6 Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

95 %
HTTPS

55 %
IPv6

43
Domains

73
Subdomains

63
IPs

6
Countries

4046 kB
Transfer

13342 kB
Size

67
Cookies

219 HTTP transactions
3 data transactions