65944p-3000.csb.app Open in urlscan Pro
172.64.148.87 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://65944p-3000.csb.app/auth/login
Submission: On July 01 via manual (July 1st 2024, 6:22:43 pm UTC) from IN — Scanned from DE

Summary HTTP 97 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 21 domains to perform 97 HTTP transactions. The main IP is 172.64.148.87, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is 65944p-3000.csb.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 30th 2023. Valid for: a year.

This is the only time 65944p-3000.csb.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Arvest Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	172.64.148.87 172.64.148.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.154.107 172.64.154.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.192.117 18.66.192.117	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
2 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.230.228.40 54.230.228.40	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.119 54.230.228.119	16509 (AMAZON-02) (AMAZON-02)
1	34.254.107.44 34.254.107.44	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
3	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
97	26

1 172.64.148.87 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

65944p-3000.csb.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

arves.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.107 (None, )

ASN13335 (CLOUDFLARENET, US)

codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

arves.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-117.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-40.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-119.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.107.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-107-44.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customers.arvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdnstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f6cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	pages.dev arves.pages.dev	459 KB
11	qualtrics.com znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com — Cisco Umbrella Rank: 291461 siteintercept.qualtrics.com — Cisco Umbrella Rank: 828	91 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	162 KB
7	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 360 px4.ads.linkedin.com — Cisco Umbrella Rank: 6416	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	339 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1008	4 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 6601	4 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3549 content.hotjar.io — Cisco Umbrella Rank: 6487	403 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 894 script.hotjar.com — Cisco Umbrella Rank: 1260	60 KB
2	codesandbox.io codesandbox.io — Cisco Umbrella Rank: 120837	56 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	11 KB
1	arvest.com customers.arvest.com — Cisco Umbrella Rank: 338309	1020 B
1	cdnstat.net cdnstat.net — Cisco Umbrella Rank: 489478	653 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 653	306 B
1	google.de www.google.de — Cisco Umbrella Rank: 8088	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	248 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3125
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 902	14 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 3146	30 KB
1	csb.app 65944p-3000.csb.app	13 KB
97	21

	Domain	Requested by
46	arves.pages.dev	65944p-3000.csb.app arves.pages.dev
10	siteintercept.qualtrics.com	znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com siteintercept.qualtrics.com
9	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org 65944p-3000.csb.app
5	px.ads.linkedin.com	2 redirects snap.licdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	65944p-3000.csb.app www.googletagmanager.com
2	unpkg.com	1 redirects
2	pi.pardot.com	65944p-3000.csb.app pi.pardot.com
2	px4.ads.linkedin.com	65944p-3000.csb.app
2	codesandbox.io	65944p-3000.csb.app codesandbox.io
2	cdnjs.cloudflare.com	65944p-3000.csb.app
1	znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com	65944p-3000.csb.app
1	customers.arvest.com	pi.pardot.com
1	cdnstat.net	arves.pages.dev
1	geolocation.onetrust.com	cdn.cookielaw.org
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	65944p-3000.csb.app
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ajax.aspnetcdn.com	65944p-3000.csb.app
1	65944p-3000.csb.app
97	25

This site contains links to these domains. Also see Links.

Domain
arves.pages.dev
orderpoint.deluxe.com
applink.bakerhillsolutions.net
arvest.cardmanager.com
www.centresuite.com
homeloan.arvest.com
mymortgage.arvest.com
sso.arvest.com

Subject Issuer	Validity	Valid
csb.app Cloudflare Inc ECC CA-3	`2023-12-30` - `2024-12-29`	a year	crt.sh
arves.pages.dev WE1	`2024-06-15` - `2024-09-13`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
codesandbox.io E6	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
cdnstat.net E1	`2024-05-11` - `2024-08-09`	3 months	crt.sh
customers.arvest.com R11	`2024-06-15` - `2024-09-13`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://65944p-3000.csb.app/auth/login
Frame ID: 236C9CFFE162D1F303C4D95F32997F0C
Requests: 96 HTTP requests in this frame

Frame: https://codesandbox.io/p/devtool/inline-preview/65944p-3000
Frame ID: 24C81EC79733BB74380DDEFBD451602C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arvest: Personal: Arvest Online Banking: Online Banking

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

97 %
HTTPS

38 %
IPv6

21
Domains

25
Subdomains

26
IPs

6
Countries

1269 kB
Transfer

3855 kB
Size

20
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://arves.pages.dev/rates
Title: Rates

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/about
Title: About

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/contact/banking
Title: Contact

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/
Title: Personal

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/checking
Title: Checking

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/savings
Title: Savings

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/online
Title: Online & Mobile

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/checking/debit-cards
Title: Debit Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/rewards
Title: Arvest Flex Rewards™

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/checking/apply
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans
Title: Home Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center
Title: Home Loan Servicing

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/find-a-lender
Title: Find a Lender

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/apply
Title: Start Home Loan Process

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/consumer-loans
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/consumer-loans/auto-loans-boats-motorcycles-vans
Title: Auto Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/protect/auto-warranty
Title: Auto Service Contracts

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/retirement
Title: Retirement Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing
Title: Investments

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/trust-and-estate-services
Title: Trust Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/private-banking
Title: Private Banking

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/manage
Title: Manage Investments

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/find-a-client-advisor
Title: Find a Client Advisor

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/trust-and-estate-services/find-a-trust-professional
Title: Find a Trust & Estate Planning Professional

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/calculators
Title: Calculators

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/fee-schedule
Title: Fee Schedule

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/protect/id-protect
Title: IDProtect®

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/referlive
Title: Refer a Friend

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/protect/accidental-death-dismemberment-insurance
Title: AD&D Insurance

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/prepaid-cards/gift-cards
Title: Visa® Gift Cards

Search URL Search Domain Scan URL

URL: https://orderpoint.deluxe.com/personal-checks/welcome.htm
Title: Order Checks

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/available-property
Title: Available Property

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/checking/debit-cards/specialty?keyword=beach

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/accounts/small-business
Title: Small Business

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/accounts/commercial
Title: Commercial

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/online-services
Title: Online Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/accounts/small-business/debit-card
Title: Debit Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/treasury-management
Title: Treasury Management

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/merchant-services
Title: Merchant Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/business-rewards
Title: Arvest Flex Rewards™

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/loans-and-lines
Title: Loans & Lines

Search URL Search Domain Scan URL

URL: https://applink.bakerhillsolutions.net/ArvestPublicMR/B2BApp.aspx
Title: Apply for Business Loan or Line

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/loans-and-lines/sba-preferred-lender
Title: SBA Lending

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/equipment-finance
Title: Equipment Finance

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/international-banking
Title: International Banking

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/loans-and-lines/ag-loans
Title: Agriculture Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/manage/employee-benefits-and-retirement-services/employer-retirement-plans
Title: Benefits & Retirement

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/manage/professional-services
Title: Professional Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/treasury-management/lockbox
Title: Lockbox Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/online-services/online-cash-manager
Title: Cash Manager

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/protect/fraud-prevention
Title: Fraud Prevention

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/protect/fraud-prevention/positive-pay
Title: Positive Pay

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/protect/collections/checxchange
Title: Check Recovery

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards
Title: Credit Card Options

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/flex-rewards-credit-cards
Title: Visa Signature®

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/true-rate
Title: Arvest True Rate™

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/origin
Title: Arvest Origin™

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/family-card
Title: Family Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/arvest-corp
Title: Corporate Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/purchasing-card
Title: Purchasing Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/epayables-electronic-payment-service
Title: ePayables

Search URL Search Domain Scan URL

URL: https://arvest.cardmanager.com/
Title: Log In to Your Personal Account

Search URL Search Domain Scan URL

URL: https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=/Centre/?arvest&arvest
Title: Log In to Your Business Account

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/contact/credit-cards
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/dispute
Title: Credit Card Disputes

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/askarvest?typeId=4&q=can+I+set+up+automatic+payments+to+my+credit+card+account
Title: Set Up Automatic Payments

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/visa-checkout
Title: Visa® Checkout

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/visa-purchase-alerts
Title: Visa® Purchase Alerts

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/pre-qualify
Title: Pre-Qualify

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/refinance
Title: Refinance

Search URL Search Domain Scan URL

URL: https://homeloan.arvest.com/login
Title: Manage Your Application

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/home4me
Title: Download Mortgage Mobile App

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/mortgage-programs
Title: Mortgage Programs

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/mortgage-programs/conventional
Title: Conventional

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/mortgage-programs/fha-va-and-rd-loans
Title: FHA & VA Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/mortgage-programs/construction-loans
Title: Construction

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/consumer-loans/home-equity-loans-lines-credit
Title: Home Equity Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/education-center/home-ownership
Title: Mortgage Education

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/calculators#mortgage
Title: Mortgage Calculators

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/lending-questions
Title: Lending Questions

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/servicemember-benefits
Title: Military Assistance

Search URL Search Domain Scan URL

URL: https://mymortgage.arvest.com/sign-up
Title: Register for Online Access

Search URL Search Domain Scan URL

URL: https://sso.arvest.com/idp/startSSO.ping?PartnerSpId=urn%3Abki%3Aservicingdigital%3Arwa%3Aarvest&ArvBrand=AMC
Title: Log In to Your Mortgage

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/mortgage-fee-schedule
Title: Fee Schedule

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/hardship-assistance
Title: Hardship Assistance

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/damage-claims
Title: Damage Claims

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/investment
Title: Investment Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/education
Title: Education Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/insurance
Title: Insurance Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/estate
Title: Estate Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/managed-accounts
Title: Managed Accounts

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/retirement-planning
Title: Retirement Plans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/exchange-traded-funds
Title: Exchange Traded Funds

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/mutual-funds
Title: Mutual Funds

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/annuities
Title: Annuities

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/insurance/life-insurance
Title: Life

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/insurance/long-term-care-insurance
Title: Long-Term Care

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158918&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158918&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2&e_ipv6=AQKWd5c-9eFTwwAAAZBviN3XJJH7AC3tFpOWGlR4p7LwF6sw1WxvEH82vD70H1Lc

Request Chain 64

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158923&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158923&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2&e_ipv6=AQJPVg1PDpoXQQAAAZBviN38-xVc35KyJ8ZJ28XPYrKtyvOuLku-yiP4onqregID

Request Chain 83

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.1/dist/web-vitals.iife.js

97 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request login Show response
65944p-3000.csb.app/auth/ 70 KB
13 KB 4176ms
4134ms Document
text/html 172.64.148.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://65944p-3000.csb.app/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.87 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

71a5a87419274c90d38870cc8b74a2c53ef6b325bf3578951a11f655b12cf8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c86c14f94aa043-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 01 Jul 2024 18:22:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 MyFontsWebfontsKit.css
arves.pages.dev/css/ 2 KB
922 B 409ms
338ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/css/MyFontsWebfontsKit.css

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d48e4cdc332afa2ac66eea1408b7fc4ac19d7aee7535ad7a6beee81b16c29b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"78efb5c8323080e5f44a9387ed1bae91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nYquxs%2BpkkSJ45bVfzf2qjhb8YCHvgl4PU1k0UsiVbjyITInX%2Fyzh0Bq9n2Kzi8kspyo56bABf7pem4z4mYwxXbR6yiKGKv36fOf0bLyc498w80mv8%2Bs4GxWoFtLYRqdG8OUXG4vUfOHETyHSgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c2f4fad975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap_custom.css
arves.pages.dev/css/ 82 KB
14 KB 411ms
340ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/css/bootstrap_custom.css

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb9919e780526be341049bb6154d23490c6462583b1ddfa33a4c8daa025dfaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fe410fb5e0ad32e4b61017c422aef5c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vuhc7K%2FMgtI5brDFliMIS7B5xnot22aRnUJL4XoBjIDsOCDpkoXWpFy0wPV0VeTpwpo9AXIVQFdKWk3t7rxlFKUTJ1xeNPs5eda5Zio1Ah9P7%2BK1CqU44XqYbf4W%2FrBueL0yOEOjEA0Xt2Xytr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c2f4fb3975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 layout2.css
arves.pages.dev/css/ 32 KB
7 KB 387ms
316ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/css/layout2.css

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1273fa967e7f8702e444df5a649d3ada3d56bd6f3c26bfec97f926a116e57529

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e553e34bf9d9c1b2b77868cf3005c60a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ix%2F8zoJXExe20vME2VFuL7Mxe00W9rVdN3QRLMltRlp1lipVrfz2xntUubPBxAlbbbXo0%2F1quFP2f6MrZ%2FKlKWJ8%2Bo%2FnZayCDSQM6CT4sy%2FP0HbuHw3uAWC71dpgpfl35gh4raXST%2B6TxPUBv6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c2f4fb8975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 357ms
32ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qpj84B%2BYey6E3LpL6XwSqdEcMwWvrUOddeYKBSopwkdj1LSdnwCXOd%2BTrAL5aavV05cFxkqM3UAg%2FryOMQMQ%2BmV3yV2DvRwoyEsR1DtwBCdLw7yQNy6%2FrqLO%2BjuKVYMfW5VfsFD9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89c86c30dc6c71cd-FRA
expires: Sat, 21 Jun 2025 18:22:38 GMT

GET
H2 200 gtm.js Show response
arves.pages.dev/js/ 342 KB
100 KB 211ms
208ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/gtm.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78916b7e7255abfa5144710ebd8c5624e778991bb4d86bf526abe9106baad9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a6913874bedeefb388d80c7c7d8356c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CwhMYYJnUf81UL9lAdN9BglMBegiQy%2BoL7uUGLK8QOm39XtUgUpcLoDkrGTPGr%2BcnVD5Y%2BPUbnHW2tMZ8yJDfsjqBeMfPBqs0TpsqllFx8aaKc4c4xXCKBrKDhUq%2FweGqnjIhbOwyqsA%2F0A3ZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbc7975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 viewport.js Show response
arves.pages.dev/js/ 1012 B
767 B 407ms
336ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/viewport.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21ba23bacc45b32c237fac9f813811f1d319877e9cab4d84c71029cb7b49c9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0793703a2b89c3732a85a6406927e7b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bC56SM4YEMPRUfsCSJ457JJZeQIab4%2FtHRCw2NKKcn5EwehTwlQ0VbiH%2Fv7veNHy%2B6BjCg0jItPjLZ7ZnD6fcscvzQDXJwr%2FyWg2DpK3Goqab6w8u1fmm3JrvS%2FNPvSFTeAESjOv2NpJpU2tX2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c2f4fc1975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-1.9.1.min.js Show response
arves.pages.dev/js/ 90 KB
33 KB 392ms
322ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/jquery-1.9.1.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"69e4e91805f5a6478cc3403b9229be39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gEme%2BsLP8Yxnw7wk%2BH5alNczLJR3uPGI%2F5i7KMoZy8BoAssOrb0AIUdeC2K%2BRdLki19TD5yiwhGxaTR8t4k7F5kvvFEG3TgxiHnRtz1BVFqKFdyT%2BpxYhm6IbOJJLqgD%2Fcti5kumAJa0UoY%2FVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c2f4fc3975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 common.min.js Show response
arves.pages.dev/js/ 9 KB
4 KB 368ms
297ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/common.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80775d79677fe7cb03b02a6ea8876ae8d9b50f40bf5cc99946c64b5b18d84a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"dff0cf41b93a85d3c3312957f7937e40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFU2kBmFpKSCTXNl9mHZqmo2UUKIRd9tF1LXntIULcRI84OpGKKBNYC4jpBxMtO5Wba08WAkdTxcuMyMzRBOl%2Fj6frNNXFZr%2Fsq7VCRWPkxV4VQ7b3Vy1JyK%2FCf6us9UYxNQh2YMYH42vmRbU7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c2f4fbf975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 aob-search.js Show response
arves.pages.dev/js/ 3 KB
1 KB 439ms
369ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/aob-search.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f857f665240f78c391083521d6736b87353bba5137e71e08d792a7a8ad827cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"73df776bae37e42807d8cba6f8f99f78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRbsTCuYEDWnVcbP5KPTDio3uCgTe43NnAIr55DuGvaqjZFYgb8p8bU1k51az8Sqv3YnZ4ZDBaURJ%2FdSqhfSPOLNuvyaYQiOSylguwviqYZOoh8%2FvtmwqgEhk1DHmN7n9dSCeQRwH%2BV71L5p9ik%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c2f4fbe975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pm_fp.js Show response
arves.pages.dev/js/ 9 KB
4 KB 457ms
386ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/pm_fp.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9f313b0aac7378a2b6c863515b66905ec21a1c5900dc51b52cce28d7d0009ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5454fcfe119e1116ab7f3ee2db8de7c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bf22HG3h%2FSql1b7aLkJPutAWq9Hu9jddoNRz%2BWR89eivtVfpLw39UFjnQQ0Fu29pOkZ4LEAsg3NfIR3W7SNClNnPC99QooFgU1One4ZSuMTt%2BaBzwqYupNNUj4ThusIGOAvF0LQeUx0hvJDkfVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c2f4fba975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 arvest-logo.png
arves.pages.dev/images/ 4 KB
4 KB 113ms
113ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/arvest-logo.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d8f81b3deb15a8d8a4d940347fb3322ca6d49640e7ce14514ccbe07862a1aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3db34b73533d89ea049924bc6d315420"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1Ej1CY%2BvJR%2F1tuuzrXU5jyRRu7aAplWmr3s%2BrHpeqXHPfuCx6TuLvvPS3NUAeW%2FU2n1buI%2Fve32RrYUwLgofvnSx7PJFqtwPeDdN9BUqLvaJ9iqjgmar13WVZGeuTvds7%2FlG6Ygzd7x3E2HoP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c311aa4975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4092

GET
H2 200 debit-card-beach-mainnav-ad.png
arves.pages.dev/images/ 23 KB
23 KB 96ms
96ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/debit-card-beach-mainnav-ad.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5566d8578cf4b69b5523a1d983aa31de64c5e40bc55db1c5551ac01f647ca529

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "013c593960facf9176f4ba968911f303"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJwmVlup2PlVClXbpeUwyz3jbrohqZrePcSCa5eOV08PEKGqyj8DDoidklE1Nlckth5bZIxHA63szIaUw819vtvW9uSUrkBWdoFl1HTzbs4hXRMsHSE5E18%2Fv9sY%2B4djVVxlIKjAVZRgUdYH68M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c311aa1975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23282

GET
H2 200 merchant-services-mainnav-ad.png
arves.pages.dev/images/ 22 KB
22 KB 122ms
120ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/merchant-services-mainnav-ad.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cdcd37ed238e27c50fac06ba440885e95bbae7a85c8c7447111738f7bdbaaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fa073673a8c6929e3128947c9706deac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wa%2Bl0FCr3Y01Tdz6mS1dix5QfYHW7tMvDloCIsxSYycdapUfHkjGdf1poqCykVxsLmfCYpsFeqBTyxM6rzjMumrA8a%2BplJakNyXmKOb%2Fi8yAH3kVlw%2FTggWE2yH%2F2Ry4SHSXNg2UtBVLCFEHCb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31bba8975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22341

GET
H2 200 mortgage-home4me-mainnav-ad.png
arves.pages.dev/images/ 53 KB
53 KB 191ms
187ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/mortgage-home4me-mainnav-ad.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbd9e72fc8811406de10190f29478f63524a88c6c33ac96017c2f38374787c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "74a103e84a8429fc32cd1cff5e1978c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpPwAMmUS5BL%2FFZFnnfYVZqBboo4ocCvLnvV5p4iaPkWRJQGyzE27%2BEILtQLll8Ds8EnKCVIpc6OZ7ksZiz7HQ1Y6giL6M1wVq3wuvDP%2FI%2BHkNwFi6PUNDqJM8K3murnTqzXSWjrAiq2PFPsKkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31bbae975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 54009

GET
H2 200 awm-trust-mainnav-ad.png
arves.pages.dev/images/ 29 KB
29 KB 424ms
421ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/awm-trust-mainnav-ad.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7cf593c0726db50aeaeb0f6973332ae8c226f467b28463e5cb225c07a9ad5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0314a7cce149a6a35c3ff7976edb4c74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vV4swuzro8K0zrQ9w17sM0m8qvrrdU04AOdi4pHwXstzAqnMHQNkV5Z2xltgN3PsyYA6Og4rwRnREsE71JDAG3a14kw%2Fu%2FTvBgnzbsHWli4tbFTuhhfMzfEm9oanW24VAtrWbiiUtlcCiAtZWcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbc9975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29336

GET
H2 200 login-arrow-icon.png
arves.pages.dev/images/ 271 B
584 B 195ms
192ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/login-arrow-icon.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d1a470c25a6f60c6fa9e7de42b0158533a7bf3de3c0d7c2687f5a5a8269377

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "37807de95af34e8da7c1e0598dd79e10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xP7Ofz202pYYJugpnrTkffq8AiGbh%2FT9HmPoe%2Frq7fbofToJvGyWCIGEw2U24GdRWbR%2FB1dWTCKBnB7p%2Bx%2Fvd5ixWypunypAXQ94JUgqSfskYY2zP0s64NvhaUlMZ7oyaEcQbJ3k2YrMjy2uVKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbcb975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 271

GET
H2 200 functions_form_class.js Show response
arves.pages.dev/js/ 5 KB
2 KB 123ms
119ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/functions_form_class.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b3886467835fc527fbf40a9972323de5c82f3dd5a325b6b1deb39d4e9f24251

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"87c6d20023bc2731227a2eb2d8ab2c6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qH5guNTMrECqAQuoS1DSN8s9%2F3J95pUvYo1z5l0h8%2F4hdEMOxusBUYJ1jj3vSbJV5%2Fg7JM6JAIRUsU3nUe%2FHi7XKpzd596eHiQ95hdLnFcDaTizFyuuz1MBlxjso72%2F6qcCbN%2BN9YoDeRewHUpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31bbb0975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ios.png
arves.pages.dev/images/ 5 KB
5 KB 201ms
198ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/ios.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b33290a887374b0351ad46d4f1fddc8038b3b805ae11fc1520c732108691a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e3bf91171350d558ba33d0e783b91dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k9fHfomrcx%2FiCeKDg1cf6YPH9kYS960pLqZPsze7XsiZJFjzVwefTicQ7bk5PMi89rKSN86paE9tSsiUmgubnNvwvEPJfbWVHaU4onOidspvPo3WHtiJ9NGQCzPTz0RGklyLaj4Xzlg6kipLXBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbce975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4885

GET
H2 200 soc-share-circle.png
arves.pages.dev/images/ 717 B
1 KB 372ms
369ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-share-circle.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16eba136a35400f1100a450d2f48d656b67296e74c62521aedcd8fab29c7d4ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "94a50b8f5f6d375de5b72cfd2fcdcba8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtS8%2Fu5mJ0ByZW3g15fpB5mEdWMaFxcv20SntArUL%2BVXmYANuqiubi%2BanhhSdMTbsKbqxmKqXza20W14wysq61JyoSWT1w0biculiSLAg16mhIxid200HQIXClzQqLH7H%2FBDyHtN0Akw%2B84Cn8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbcf975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 717

GET
H2 200 soc-fb.png
arves.pages.dev/images/ 589 B
904 B 430ms
427ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-fb.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610c99d9f333e8e356584239f9cbf91592f1c38877fce7d1d1da4bf3aac94e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ac734fa762ba32e6e2765f222c3a363e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2l2T9trywfODw%2FucgurR1ihp2ES7zHG79%2BklEf2kEc2qZbFo85LIb4aSlh10dh6RfkmzwOXdJ6R0R5PxhBTXGQLmnkDRxEiEhFgViWsskk7TiSxDsWDmfgL1WPq%2Bh3H7nRHgH2E1WUN%2BKjp%2BX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbd0975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 589

GET
H2 200 soc-twitter.png
arves.pages.dev/images/ 542 B
859 B 317ms
314ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-twitter.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f485ef565c7ced26632fea1c6fb2f67b5c90c49c38fe856ead961258b65682

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "50b74a315e59a521ba7faacdc6dca4de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7q5LyAM24ZsaMaf4KYtI%2FotP1HeA9ZN4VH9EM0It37IDy9L9K6kSsJcF12mWCPf5dK1iG7BcK8sWJ%2BCcWgeE%2B0reANO%2FSH%2B144oDJFMKK8ukWaEbvvOoYuCfVwdal7%2FUKdIRaOGO4bXRbMrVe%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbd3975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 542

GET
H2 200 soc-youtube.png
arves.pages.dev/images/ 15 KB
15 KB 222ms
220ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-youtube.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ffbb276d8124704f5a7e0035b5bb87e4adc7a7e4b322ae2ed476ee37ffa7ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9a30625516ba144c0361835b5168770e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojPJHy%2FMoyGmm7P9GDBNlOz0S%2FGTYbLycV8hDEiktbkbFuICeARnWPFxhUKfLM5y28GeD%2F18gE5sB208PwFBvnnqCBXZpztDQg75PFdc6HZiwgvkuIcrOJAaYobCI3WmnMFrH6qn2AeJe1hQGuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbd4975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15201

GET
H2 200 soc-instagram.png
arves.pages.dev/images/ 686 B
1005 B 181ms
179ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-instagram.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee5b697a7b857ffe13445f6b2ee5ca3f0ab76be6c03b51bc53879648c7bd9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4fc503c4f9bd5f7477f6ad090ed8f386"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSvAKRNJ7XQTKAeRw764W02PRjTDw9W72EpJqV7yznVzQYAmWmJmCDM37DPBr4Zf8kL%2B4%2BreY903IxBUn3xj2N7RE5bj3WtF38u3W6BG8ptghYWSZEk10k8FwCtAT%2Fgd%2BNrwQtdXuWNmW%2BXz%2Bfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbd8975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 686

GET
H3 200 preview-protocol.js Show response
codesandbox.io/p/ 176 KB
56 KB 75ms
45ms Script
application/javascript 172.64.154.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/p/preview-protocol.js
Requested by: Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e5816a040f78bd21a0a149637977c04c952c491111c5dcbec993fa91b4cb566c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 17:27:41 GMT
server: cloudflare
age: 524725
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800, immutable
cf-ray: 89c86c31ec0a18d9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fdic-logo.png
arves.pages.dev/images/ 916 B
1 KB 297ms
295ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/fdic-logo.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf5ca21167bd44e7b547a5c908f0cb82a9420f0b4927ff1ded1232446f6f17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "033bd0e6212a0bca89e4f48706f60c4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BXQdYEaqMvU%2FbghGch8E0x861fPK5RVj6ByMdjjd4MZiJwHRAGR50uaqZTK0sILkSUyyhjdCUgTI7f11ZEQ6mh1SoyUMpamXQdxMbkF%2F3rWF4s8isRj42rFU10yGQ9TPWoAUjTgcSzFwmyksXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbda975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 916

GET
H2 200 housing-logo2.png
arves.pages.dev/images/ 653 B
971 B 164ms
162ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/housing-logo2.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3132b69dbeb859635eea70dbdae8557c143d111eeb9a473fb84fe5fac904cc18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "23584c02fec7d19eb6862ad0e8fcc5c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZzzZg41z6Tqh2CGwbKvJQZ6UYr14WIVaRlHM3ylKSCsUHKtrQn1omDxUTAYq7qGRkUlRXk9pwcLqAsj4CJH1xOLcnWMzpMbMlcQQ2LJe4vjKxjRoYc7cmK6dTh0k6T3vNZSJsfA%2FKBSpf2tnYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbdc975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 653

GET
H2 200 fdic.png
arves.pages.dev/images/ 1 KB
2 KB 325ms
323ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/fdic.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971cbfd037bdfa175bbcc512eb44ef5430b917a88df8b0b0344d85dff95f795e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e8b692b58a7ee64fa8458c424d498b75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phjjcr9FJXj%2BjikeOvrvjZO4vxVeIpCGHNfK1zStC%2B00B8V%2FB%2BnaJc9lQUmqRHS4iNbHChhgF%2Bs868BmP0u6xPw3KUT44uzvsRTV4dhq4q8KY2%2BkhEDVhTR8FDNCFyeDAug%2FdgmOHAnZ8ZESN%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbdd975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1411

GET
H2 200 nhl.png
arves.pages.dev/images/ 1 KB
2 KB 183ms
181ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/nhl.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d067fab799e99b87904f659c692a443efdefb8d5eefcc98fc7db2cd5bd39cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8b144ec4624e38ee5678bc7e8c690248"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bDnt%2FhghIkR0fUZRMxt4RqIsh0MiIWxP%2BbeRPWHvKmReSDDscZ9B5n3UNxpJNufMnpsW3hEoSKAyLxYt4oF31BncUeX1u7u7%2Fqv99P9zoExDwi87ZwnZAO8y8iMt%2Fg4huMzR%2F8mSloqElLJ1Gdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbdf975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1277

GET
H2 200 bootstrap_custom.min.js Show response
arves.pages.dev/js/ 13 KB
4 KB 121ms
117ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/bootstrap_custom.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b8fd01969247b640db14518378c4ee2487d6c5d389f613d947abf2e6063d6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4ac65b8ab7abb0b5a329afd503d59051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DylkTpav%2BJR%2FwLgbLshRtfykp%2Fk%2F%2B9UsZYvH%2BZrDs%2B%2FvIYok64l3RUZ5XEM70zje5mLwH3KjMmxGlWeXOymjwbCMvfKdkyinQjAAJQkEWvyoVPtEi32RdMHf7JK45T0vO48mqnhs1I2sk5gqzmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31bbb2975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 helper.js Show response
arves.pages.dev/js/ 6 KB
2 KB 118ms
114ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/helper.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17bd8b07ef5603105ef87297b87ab38d5270455d867c67c6cbf2953d7188445b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b999d6a49b9758af4bd940cc53d326d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5JWKjbTPrFTZAxv2GRtiPWBrQdnFBEwc8I46mykymsBtYUPfp%2BYo%2BL9K6UML79pXpM8HiGjh1lzXcJ6JJGooZoQgpVf%2B8vrbr3Lg87Fmq9%2FxsuAdglOioJEjg5ha9gENbWlodZbNC0WXvclLSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31bbb4975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 typeahead.bundle.min.js Show response
arves.pages.dev/js/ 29 KB
10 KB 148ms
144ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/typeahead.bundle.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af97ce613cb505abdecec61e500b8d8d50dc055cc26a508b29d451455f9f4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3ecb28eea41f94919136012e3900872f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNHojhZ9XxB5cnr4VEX1wmObxkihLq6LxMvEDIj8McTiP%2BC5t00pn7HLzWy0K81wymg7mQadsAth7xEYInwE19QKYhlNNYqPnyYgjyIAuMhGq7AJ%2B%2F%2Bf%2FS4XeyLPhgF1egi9EqfJVdqDRVNbqAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31bbb5975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.selectbox-0.2.min.js Show response
arves.pages.dev/js/ 8 KB
3 KB 139ms
135ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/jquery.selectbox-0.2.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd66012b771fe92c7549ffa275254ec23d15e1939c56c224565858d40be98a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1975c2b544047fd129c765e9716667ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNJS7tHqxelFfxNB9SGkVr5JVEKc0wUZoFt1JGXrOVqzqv2DeLGixbZFECK6a3AcO0N9EjOJUtkEPmH7bc7yqsNT5%2FkiXMESIZ8M8QaK9rEVk%2F2jEBUOTzJY9maF6awaNWI7R9hBYRrFnGA7MtY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31bbb7975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bpopup-0.10.0.min.js Show response
arves.pages.dev/js/ 5 KB
2 KB 138ms
134ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/bpopup-0.10.0.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b3544ef8e0b67d75e2b4f79df4fa1fd6a1324c98d04322dc901248ce012fcf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"84be30a5fdef7d1f3b76f287f2dc2f28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRqsIensFShAy65y2sy8cfzrDGPkZApQ5rzPbW40QNS6fr4zOL1%2BaHSOoiJLULGqf3DbmvbLW%2BNTxKWNS0X2J0ajE5ohE7Lv78eVwxzdog%2FLaAJVM80jWPoW8t1Zq5OKQCyG7BD10PZmXs5WK%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31bbb8975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.min.js Show response
arves.pages.dev/js/ 7 KB
3 KB 368ms
364ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/main.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20da8601280b37880ba8b04bf37c1c50957f671ffb67142bae36258e0c84641b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a9123b209bcbea8a6cd3f06fe371a17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQEQ7T%2B1jP0d%2BVD0%2BAvSQl%2F84rpFwXwNULkjeA8VzwUTEQs6AIoCurvYc5kZZGwn1EkUglJ%2B2Mnw4bjtEuFCUoTcXN4chictAv%2BHLPZQk%2F2t05qzYe5zwubsa7bukW%2BRfmTrhMmBSgjT80wEy50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbc4975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 search-script.min.js Show response
arves.pages.dev/js/ 199 KB
45 KB 664ms
661ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/search-script.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccd10693e75dfc608e745959d5a9cbe7987653ddd7edde560b0590acc7675e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:39 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0a6de3781821359c03527037c24e375f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F52%2Fex6PHvMcWajvInPXB1aZd1CDolecB%2FVgcMX7TLL8rdkRxT24fInKyioBIMrwRySREQGMpWsex%2F6HAJdJyPFXD8BkfvlCfGZ5YHlre4oOGyImZAUwy9kH%2BRHS1wo2UKSRoSlJTyWUP0Vsqko%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbc6975c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
30 KB 46ms
11ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE1) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8519833
x-cache: HIT
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (frc/4CE1)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 22ms
20ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 951466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4517
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-4e98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdVP7iaOmgWtllVWaNJt8M2Kmj4%2FOQi6cZAzac9wVAXKEJft3i1jqHOMkzZmpxaOdNCNL7VG8Pj3%2BwrPY03PPxr14%2B8htKLcGk83xIMm9Pfwl%2FQowVWU4yt8Q0FV4SA%2FziaPBvNm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89c86c31bdfd71cd-FRA
expires: Sat, 21 Jun 2025 18:22:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 538 KB
135 KB 101ms
77ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3e50e04d1dcfa006677cbf23fb3110e93e2b6a4fb930ad13f3166e41383f97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137845
x-xss-protection: 0
last-modified: Mon, 01 Jul 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Jul 2024 18:22:38 GMT

GET
H2 200 arvest-logo.png
arves.pages.dev/images/ 4 KB
267 B 58ms
46ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/arvest-logo.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d8f81b3deb15a8d8a4d940347fb3322ca6d49640e7ce14514ccbe07862a1aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3db34b73533d89ea049924bc6d315420"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOdk2cba7QpSSnj2nC59C6QXw9QMOrbj%2BGQSIc9QFaiXpLxF%2Bi%2FhFt8wnw8C8COTyUym0hP2R%2Bh595OQhZBCYhCb4hH9HgEqCdAsj9a9pkF8RFO%2F1EZ7RoVWaP7xb%2Bxb7SrXr%2FHPgI%2BLmbJvpxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbe5975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4092

GET
H2 200 debit-card-beach-mainnav-ad.png
arves.pages.dev/images/ 23 KB
260 B 56ms
55ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/debit-card-beach-mainnav-ad.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5566d8578cf4b69b5523a1d983aa31de64c5e40bc55db1c5551ac01f647ca529

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "013c593960facf9176f4ba968911f303"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DRWNAjhC8XVDP8bHRgLa1LzxYH0iKYpN5TOVJIr5otkBJk8YCNi93Gp8eYGBHNIeH7B1q7XSgvrjjZfEztCIz1rtEJc0iprkPnj3JFEb1uy2XX4JmVlPth5v59hneMVoL2w%2FfPOp%2Bj%2Bqk5Fn1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31cbe0975c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23282

GET
H3 200 top-nav-bg.png
arves.pages.dev/images/ 249 B
723 B 168ms
168ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/top-nav-bg.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8eadeb36aa1e752b10866c2a77550395b7517b183871b69180044aebea508f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arves.pages.dev/css/layout2.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3d3e4eded40dfa877d2571ba3c892a29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NATmNOGCIRoysZc19HvrKjJwvP1TkV90rgmr2U%2BRqaN%2FgiEEljhlcNK8IAEJIXxJgQ%2Fnc8T8NZ567NdDnXapSjxHVonQLMvHJLLb81ha6A4O%2FIZdmQOE5wEglxVNDqbos9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31dc2b9b39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 249

GET
H3 200 nav-search-bar-bg.png
arves.pages.dev/images/ 3 KB
3 KB 141ms
141ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/nav-search-bar-bg.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2266eb423ddf014680bf965dfdefc302947c231645f864e7ed3e16e70941d31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arves.pages.dev/css/layout2.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "157f51e922e5fc5ae53cc991ee5f81e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIHd3JJArEr1GvJdw0KTGjNbAozgy3hivLSmwafmnkRTAPyRFl83%2B66gb1Rgk%2FapUkpS7TAjQDe7iWs6sJmZvyXhYtqWzih4OGVtVxF0V%2BBlYe1N9vBQ03qIIcCpop7lHL0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31dc2d9b39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2951

GET
H3 200 myArvest.png
arves.pages.dev/images/ 1 KB
2 KB 148ms
148ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/myArvest.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ddd9fab5342d91721c67a39aa003a8b6baefc3fa9c35d07ae7c61b62b0e8304

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arves.pages.dev/css/layout2.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e571c631e9e6d53c44cc5c60fdcbda32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xcr7jTOrDcijp3yub7sT7MgfcnLjS%2BmDWMz%2BTGHbgREwFrPgNflViUP3hDybwt4RKcI1y4aHHX6YR5vHRO0tUZGAQxxwgmmNocnbbHNbKh8hdE2%2BlSNKCchHy%2BembgDxORE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c31dc2e9b39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1410

GET
H3 200 26DA37_0_0.woff
arves.pages.dev/fonts/ 23 KB
23 KB 179ms
155ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/fonts/26DA37_0_0.woff

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/MyFontsWebfontsKit.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1252843b50c568f5a207600688226e7c516d706623b50ab4ad33fe438f25a514

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arves.pages.dev/css/MyFontsWebfontsKit.css
Origin: https://65944p-3000.csb.app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2a71c1baf5f56ee13fd25b128ca2236a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e14WferabuAEQv1VktlTUmMrHT%2BqfZx4ikVWSV2EkkJU30Dv4l%2F7sXgymaxqBceJRHe%2B7t6p4a5OSpm5jaEc%2FgNslCsFlAjSVDiHEs2peGhOmeJP4vukSVu3SsKYDXuEKTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c3229869248-MUC
alt-svc: h3=":443"; ma=86400
content-length: 23258

GET
H3 200 26DA37_1_0.woff
arves.pages.dev/fonts/ 23 KB
24 KB 192ms
168ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/fonts/26DA37_1_0.woff

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/MyFontsWebfontsKit.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9be58dfbf40a15b63977356d7a343d790e89f241cf28bcb7883da48e2eea19f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arves.pages.dev/css/MyFontsWebfontsKit.css
Origin: https://65944p-3000.csb.app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "379158380abaa8644aca7cacedaef082"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3OLT7MkLuIKRZC0n8z7aeb9GCjWO9JkDaJOF%2Ff9nCCkzXbuTcN3J5RuraeZIXncpRlEKQkuuqAQhLyeOAIVhavJGxKA6L0CJnaACOUQz4eSmSCpJRwRtA1XwbAZOW45XPGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c32297f9248-MUC
alt-svc: h3=":443"; ma=86400
content-length: 23644

GET
H2 200 functions_form_class.js Show response
arves.pages.dev/js/ 5 KB
405 B 39ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/functions_form_class.js

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b3886467835fc527fbf40a9972323de5c82f3dd5a325b6b1deb39d4e9f24251

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"87c6d20023bc2731227a2eb2d8ab2c6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZgfsnuOuU30RKs2zgjiCjzZWE79oNXoczGZFAqE6uvmWwYRshE41YVt7X5jmCU%2F0D5KsGxyr41dmjB6j91NBjawy4%2F6%2BTuIMqkWXHJp9fB3t2xFBEtsRoKBf8WcyCqMLHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c328d009b39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 button-arrow.png
arves.pages.dev/images/ 163 B
637 B 103ms
103ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/button-arrow.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/bootstrap_custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb1794640596b6601ece58fae25be2a00d2e71981f55dd2b743d4f45909c5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arves.pages.dev/css/bootstrap_custom.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "185b99fe8256ccd40624598a71a16a34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDp2529oZ0zDmWBdRYFpHirBrfmlOx1X3meiICA2b8Ae%2BFxm%2BxHdsRd2B%2F1yLPHFhcCE8kLZKMEK3EE6tw%2BWBI6%2FAuySakVubL7SOhO8dkk5AyhouyRlMvk4uG2AW8UrP2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c328d029b39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 163

GET
H3 200 custserv.png
arves.pages.dev/images/ 3 KB
4 KB 132ms
132ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/custserv.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac4db385ce573e1038b4a1a504bac75d82114d03a863bc8e9ef19328304f587

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arves.pages.dev/css/layout2.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "386c5e5128b6f4fd338d3fe0a6fc5d9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HyhSRwcjaPZjwpu1ZtV7QnJRI8OvwV3ujQX2%2F4Oprz2LetAnwzzJ%2F6FFLpry%2BUw971UcFMsyuut4%2BoTsBKwgiLDpQSJRFxlKTQ%2BZE1eHT3iC%2FSdhpOPqhovr2kJN5Sd%2Fwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c328d049b39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3468

GET
H3 200 65944p-3000
codesandbox.io/p/devtool/inline-preview/ Frame 24C8 0
0 62ms
42ms Document
text/html 172.64.154.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/p/devtool/inline-preview/65944p-3000
Requested by: Host: codesandbox.io
URL: https://codesandbox.io/p/preview-protocol.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://65944p-3000.csb.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89c86c32db7a2bdc-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 01 Jul 2024 18:22:38 GMT
frame-ancestors: 'self' https://65944p-3000.csb.app
server: cloudflare
via: 1.1 google
x-powered-by: Express

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 364 KB
119 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GRH26TKW0W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df81a7b8a5ba3e560eec6f4b9a0bdc93e739f9d9bd0f348c4eea8fb3fd789f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 121483
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jul 2024 18:22:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 60ms
15ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6811
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 01 Jul 2024 18:29:07 GMT

GET
H2 200 hotjar-2651856.js Show response
static.hotjar.com/c/ 11 KB
5 KB 122ms
78ms Script
application/javascript 18.66.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2651856.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-117.muc50.r.cloudfront.net

Software

Resource Hash

acef1942f049403dc286204d0feb044e16fffd0c4b91e6ad3814fe81a63473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 18:22:38 GMT
via: 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/7d602a409ed19a07f13ede5133e44cf6
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Av8Tikl1Ett-SRHkuPJpWiuUny84PGslutxwYSiHgk50kpEwSnz8Tg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 61ms
9ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=59888
accept-ranges: bytes
content-length: 14004

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11451864523

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6491b85ca5a5c4626f1652db130d063c69aec82ad31a21a3082f2f475c1dcdc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86789
x-xss-protection: 0
last-modified: Mon, 01 Jul 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Jul 2024 18:22:38 GMT

GET
H2 200 ios.png
arves.pages.dev/images/ 5 KB
405 B 26ms
26ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/ios.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b33290a887374b0351ad46d4f1fddc8038b3b805ae11fc1520c732108691a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e3bf91171350d558ba33d0e783b91dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRG8Q6P2qJ%2BXDbAdK4cShx1hFZaKPclQF22y9WyIJaRkvXPdBMpojehfQ%2FgYN6BnITCxbkYTSOKXq0dJufcwIxX1Nv0I0qBMkgRVMbdmS6aeuX1QFpcoSY2%2F4RzQ3lIeu3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c330da79b39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4885

GET
H3 200 footer-bg960.png
arves.pages.dev/images/ 271 B
747 B 87ms
87ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/footer-bg960.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd0bb8cd67fca59fd6e8383c338aa881b7ecf7b6b4b67d10b294dafc20064fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arves.pages.dev/css/layout2.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "80ebdb3290fca9fd67db21fd8a215691"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lScwJQm0LGlH%2FDmWxMzWsxmDa6tXSX%2FXs%2BDYLiCzp8cD%2BMCyVipgwPMjDRzyPFAEVs9xLofw6R6Xn8wQPobZfutAbXg%2Fc2lb3bZWwYiQAjrd3YU0%2FQ8m7ffU6KZsKUq73zE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89c86c330da89b39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 271

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 34ms
28ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=862564286&t=pageview&_s=1&dl=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&ul=de-de&de=UTF-8&dt=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1791716115&gjid=568739312&cid=909601986.1719858159&tid=UA-137930663-7&_gid=1517173166.1719858159&_r=1&_slc=1&gtm=45He46q0n81TGPDH6Gv811537095za200&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&cd6=2024-07-01T20%3A22%3A38.539%2B02%3A00&cd7=22ac1cb7-258e-492a-b346-514b8d385526&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1261392353

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 18:22:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://65944p-3000.csb.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 174ms
42ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GRH26TKW0W&gtm=45je46q0v9180705104z8811537095za200zb811537095&_p=1719858158302&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=909601986.1719858159&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719858158&sct=1&seg=0&dl=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&dt=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&en=page_view&_fv=1&_ss=2&tfd=5098&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GRH26TKW0W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 18:22:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://65944p-3000.csb.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 462ms
22ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GRH26TKW0W&cid=909601986.1719858159&gtm=45je46q0v9180705104z8811537095za200zb811537095&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GRH26TKW0W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 18:22:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://65944p-3000.csb.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 119ms
59ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GRH26TKW0W&cid=909601986.1719858159&gtm=45je46q0v9180705104z8811537095za200zb811537095&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1619941824

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 18:22:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
441 B 345ms
194ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://65944p-3000.csb.app/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B981B851576743EAA43731004EBD238D Ref B: FRAEDGE1912 Ref C: 2024-07-01T18:22:39Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://65944p-3000.csb.app
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYcM66jBigeUwCD1czEMQ==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 198ms
121ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6159052%2C7175113&time=1719858158918&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3DEDFE8FBA6B43A1963F491F2E651505 Ref B: FRAEDGE2005 Ref C: 2024-07-01T18:22:39Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYcM66idUcngXbLVmFGmg==
x-fs-uuid: 00061c33aea27547278176cb5661469a

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158918&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158918&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2&e_ipv6=AQKWd5c-9eFTwwAAAZBviN3XJJH7AC3tFpOWGlR...

0
481 B

156ms
114ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158918&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2&e_ipv6=AQKWd5c-9eFTwwAAAZBviN3XJJH7AC3tFpOWGlR4p7LwF6sw1WxvEH82vD70H1Lc
Requested by: Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://65944p-3000.csb.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 18:22:39 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A8CCFA263DDB4617B272667CE7910B82 Ref B: FRAEDGE1420 Ref C: 2024-07-01T18:22:39Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcM66lPEY9RCJ3fuPVmA==

Redirect headers

date: Mon, 01 Jul 2024 18:22:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FA09CFAC04FB4709A193AE0D6F845D38 Ref B: FRAEDGE1912 Ref C: 2024-07-01T18:22:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158918&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2&e_ipv6=AQKWd5c-9eFTwwAAAZBviN3XJJH7AC3tFpOWGlR4p7LwF6sw1WxvEH82vD70H1Lc
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcM66idef0nwD4ZShPtw==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
642 B 238ms
164ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6159052%2C7175113&time=1719858158923&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:38 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0FA83506A52449259D586B55087DB49A Ref B: FRAEDGE2005 Ref C: 2024-07-01T18:22:39Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYcM66i1jCawCMpuN9u6g==
x-fs-uuid: 00061c33aea2d6309ac02329b8df6eea

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158923&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158923&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2&e_ipv6=AQJPVg1PDpoXQQAAAZBviN38-xVc35KyJ8ZJ28X...

0
164 B

180ms
179ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158923&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2&e_ipv6=AQJPVg1PDpoXQQAAAZBviN38-xVc35KyJ8ZJ28XPYrKtyvOuLku-yiP4onqregID
Requested by: Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://65944p-3000.csb.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 18:22:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0CC7ECC287174C3B9443D037486431FE Ref B: FRAEDGE1420 Ref C: 2024-07-01T18:22:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcM66lzqglDoOF/V70jg==

Redirect headers

date: Mon, 01 Jul 2024 18:22:38 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1E9A2A4FAA514E9B83EC8D1BF9FE0211 Ref B: FRAEDGE1912 Ref C: 2024-07-01T18:22:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6159052%2C7175113&time=1719858158923&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&tm=gtmv2&e_ipv6=AQJPVg1PDpoXQQAAAZBviN38-xVc35KyJ8ZJ28XPYrKtyvOuLku-yiP4onqregID
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcM66jBx0vX0J8pBYDYg==

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 94ms
24ms Script
application/javascript 54.230.228.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2651856.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-40.muc50.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 36692
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1VYXS8VyAboIwh0WDkPIp4_Y5NZCNEoY1i5Xf1cT_Xcu8kw5Qc0K3A==

GET
H2 204 2651856 Show response
vc.hotjar.io/sessions/ 0
232 B 68ms
45ms XHR
text/plain 54.230.228.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2651856?s=0.25&r=0.059140553947316876
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-119.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 01 Jul 2024 18:22:39 GMT
cache-control: no-store
via: 1.1 7d775f7e444ed74169f0db8decde7d20.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
x-amz-cf-id: c0iKyWQzUVRP2ImpXi-E6W40Bq-g5lWzCSF1mOQ417rd0koQS-ZDyA==
x-cache: Miss from cloudfront

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 160ms
76ms XHR
application/json 34.254.107.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2651856&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.254.107.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-107-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6964dadba86fa98fce67e57d7bbdcacd6dc1785fc4a419ed2ab8306f63771592

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 01 Jul 2024 18:22:39 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 65ms
29ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ceCldLDyZN6bSQL6yyKLMg==
age: 1986
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Mon, 01 Jul 2024 02:32:17 GMT
server: cloudflare
etag: 0x8DC99760643A13F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eecde429-101e-00fd-698f-cbace8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89c86c36f9b03621-FRA
expires: Tue, 02 Jul 2024 17:49:33 GMT

GET
H2 200 430cf39f-917d-469f-9c6a-0de3834f38d3.json Show response
cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/ 4 KB
2 KB 119ms
94ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/430cf39f-917d-469f-9c6a-0de3834f38d3.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dee0c041358b92df0ab4f4ce329abbfa7f2ffe18809c1afa627bf2a7506576a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: VrRFOlHX4dhvvc0nozqbRw==
content-length: 1520
x-ms-lease-status: unlocked
last-modified: Mon, 04 Mar 2024 19:51:13 GMT
server: cloudflare
etag: 0x8DC3C847276ACA5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 26046cec-001e-00c0-01e3-cb19ce000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89c86c3748066adc-FRA
expires: Tue, 02 Jul 2024 18:22:39 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 314ms
101ms Script
application/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 18:22:39 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Mon, 01 Jul 2024 16:03:10 GMT
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Wed, 01 Jul 2026 18:22:39 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 89ms
47ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 89c86c383e881945-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202402.1.0/ 430 KB
105 KB 31ms
31ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5m3SVn9yaQSlRqLvlzjrBg==
age: 81789
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106956
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:34 GMT
server: cloudflare
etag: 0x8DC8B51807E16D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 15141953-c01e-005e-3b3d-bd6089000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89c86c388b823621-FRA

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/5021873b-6947-48ee-bc1c-8024619b3141/ 56 KB
15 KB 96ms
95ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/5021873b-6947-48ee-bc1c-8024619b3141/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f0c9e9654130e1871f21d7f894ab743e0624588dafa2d25f1961cf39daf85a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: N4k6blh6wApXxhNEqcdd3Q==
content-length: 14786
x-ms-lease-status: unlocked
last-modified: Mon, 04 Mar 2024 19:51:17 GMT
server: cloudflare
etag: 0x8DC3C8474A43848
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f9303864-c01e-00bb-52e3-cb727e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89c86c38ea696adc-FRA
expires: Tue, 02 Jul 2024 18:22:39 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 418ms
418ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-120-28.compute-1.amazonaws.com

Software

Resource Hash

b70182e07ab8c30209df0b1affb562bdb0d94c34c5e740ff1bf0b6eaef00e638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Mon, 01 Jul 2024 18:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 537
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/ 64 KB
13 KB 57ms
56ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ed759f9b0f407aa73df997bddf186c37a1927d2b0f8d2f7031067ecacf7581d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: hFMWROkswdN4Cpy+iFjdRg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12960
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:28 GMT
server: cloudflare
etag: 0x8DC8B517D32031A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 633cfaa1-001e-00cb-32e3-cb01ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89c86c398bae6adc-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/ 21 KB
4 KB 69ms
69ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 54d0a0c3-001e-000c-2ce3-cb7d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89c86c398bb06adc-FRA

GET
H3 200 script.js Show response
cdnstat.net/get/ 129 B
653 B 102ms
73ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstat.net/get/script.js?referrer=https://65944p-3000.csb.app/auth/login
Requested by: Host: arves.pages.dev
URL: https://arves.pages.dev/js/gtm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://65944p-3000.csb.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BP2Q7%2F9gkERDsgsbPc%2F%2FObNi5nkSm1octWVAPb2v7V%2BbcUT1JzU0wmDOurgsrex9apVjnG79Iowyjl4vPwCGA47SKc2NmLT2xIYxlELEz9Me4wH9phfNoVij9wB42Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 89c86c39ebd2918c-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
488 B 76ms
76ms Fetch
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Mon, 01 Jul 2024 16:41:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4dd665ad-201e-00b1-51e3-cb6bf7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89c86c3a1c996adc-FRA

GET
H2 200 Arvest_Blue.png
cdn.cookielaw.org/logos/6172babb-2745-4cff-9039-b1406add1ba4/fada2104-882f-43bd-a08d-f4edf8f3a307/3e6cb5bb-d360-42fe-9fb3-5981de87d38f/ 13 KB
13 KB 47ms
47ms Image
image/png 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/6172babb-2745-4cff-9039-b1406add1ba4/fada2104-882f-43bd-a08d-f4edf8f3a307/3e6cb5bb-d360-42fe-9fb3-5981de87d38f/Arvest_Blue.png

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8dfec6b2ebf53eb2ed27513f1a17f035f59b9c854c193cd3884273e5d9104a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iH4kUmdFlsukv4aqm9ptKg==
age: 84828
content-length: 13471
x-ms-lease-status: unlocked
last-modified: Wed, 14 Jul 2021 13:55:36 GMT
server: cloudflare
etag: 0x8D946CF0E6BDBA3
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6a9d0c0f-001e-0062-384e-79fba4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89c86c3a3dcd3621-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 44ms
44ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 18:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 49833
x-ms-lease-status: unlocked
last-modified: Thu, 27 Jun 2024 19:50:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fae89d25-501e-0014-6c8e-c950ee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89c86c3a3dd23621-FRA

GET
H/1.1 200
OK analytics Show response
customers.arvest.com/ 50 B
1020 B 932ms
217ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customers.arvest.com/analytics?conly=true&visitor_id=258583683&visitor_id_sign=86f388fdea7081cb0559dfcf6904f2949248384a8215fbf4c7c0b93a38a9ed81ae134bc1e618fcf1d906526c13ac244edc0c6ad3&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest:%20Personal:%20Arvest%20Online%20Banking:%20Online%20Banking&url=https://65944p-3000.csb.app/auth/login&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&url=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Mon, 01 Jul 2024 18:22:40 GMT
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 50
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/ 10 KB
5 KB 111ms
56ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Requested by

Host: 65944p-3000.csb.app
URL: https://65944p-3000.csb.app/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89d2d6672859e1c28c00430ba516989caa45ce6447e46601c14644a0a6b157ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 31264
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"268a-76eADEbjsPYGZ2qsBh2uXSpoM2c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 89c86c420ca35c2c-FRA

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.1/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.1/dist/web-vitals.iife.js

7 KB
4 KB

38ms
36ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.1/dist/web-vitals.iife.js

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf7f9b0dd938575c72ff1592ea18e7ab9bc53ff8838a38c8484c10f5d9be7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://65944p-3000.csb.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 18:22:41 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 79935
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J1NCABP2P0YHTXYPY6ERGKW5-fra
server: cloudflare
etag: "1c0c-hOpjVE2mSiNVJWsLrpc64ergTOY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89c86c42388f3608-FRA

Redirect headers

date: Mon, 01 Jul 2024 18:22:40 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J1QRFSC6YY6SSRKNWKR1X1VQ-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 65
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@4.2.1/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 89c86c41e82a3608-FRA

GET
H3 404 favicon.ico
arves.pages.dev/arvest.com/ 0
411 B 38ms
38ms Other
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arves.pages.dev/arvest.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:40 GMT
referrer-policy: strict-origin-when-cross-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4VGpDl8fTiRr3Ezvvhj19cEBc0SBhwR%2Fbz8UrZKzdGJXs7O3ZSj4XkCV2cj8%2FufmeHTKo1%2BTxjRizDUR7XoTvIEDO6r056p4ZRBBr%2F%2BMvvG3KPayJHHRklJLd0Q4O7qfc8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store
cf-ray: 89c86c41acc49b39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=862564286&t=timing&_s=2&dl=https%3A%2F%2F65944p-3000.csb.app%2Fauth%2Flogin&ul=de-de&de=UTF-8&dt=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7188&pdt=41&dns=8&rrt=1&srt=4134&tcp=33&dit=5376&clt=5376&_gst=4836&_gbt=4966&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=909601986.1719858159&tid=UA-137930663-7&_gid=1517173166.1719858159&gtm=45He46q0n81TGPDH6Gv811537095za200&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&cd6=2024-07-01T20%3A22%3A38.539%2B02%3A00&cd7=22ac1cb7-258e-492a-b346-514b8d385526&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=162024488

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 14:21:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14449
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12.ebe7e89e19ae15a2ea2c.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 74 KB
21 KB 40ms
35ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.ebe7e89e19ae15a2ea2c.chunk.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=65944p-3000.csb.app

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be0efd5a2f263566ceac2c3c5ee951e0360cfb28cd8a03d78006f9d901b6f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 304508
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Jun 2024 15:29:10 GMT
server: cloudflare
etag: W/"1280a-19036441570"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 89c86c426d0b5c2c-FRA

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 122ms
122ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cTsTcEDc1rc1Tnw&Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.ebe7e89e19ae15a2ea2c.chunk.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=65944p-3000.csb.app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c2da330dc31577a32e0fd6f445b0fb3c5e914b55fb2de8c97dada4dc17f13e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 01 Jul 2024 18:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: application/json
access-control-allow-origin: https://65944p-3000.csb.app
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 6a954ad072547b68
timing-allow-origin: *
cf-ray: 89c86c42ad435c2c-FRA

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
29 KB 33ms
32ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.ebe7e89e19ae15a2ea2c.chunk.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=65944p-3000.csb.app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423b15ea342312983edef11b6282dcfb0a795741340e849499d315bd4501c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 327470
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Jun 2024 15:29:10 GMT
server: cloudflare
etag: W/"1974e-19036441570"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 89c86c436e025c2c-FRA

GET
H2 200 7.cc6a57cd6845c1665b38.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 42ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.cc6a57cd6845c1665b38.chunk.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489ac29678bc0af0c41ee03b6f3d3b58116ad507cb3e0a65b69e48205146321c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 327469
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Jun 2024 15:29:10 GMT
server: cloudflare
etag: W/"b52-19036441570"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 89c86c43be5e5c2c-FRA

GET
H2 200 1.84b73d6e26cda30fe2be.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 39ms
39ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.84b73d6e26cda30fe2be.chunk.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20be6c44ec8cac0d28cfc708b05e9d853ed807b59f8ceb6aff80e905cbacaff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 327474
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Jun 2024 15:29:10 GMT
server: cloudflare
etag: W/"73f8-19036441570"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 89c86c43be625c2c-FRA

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
22 KB 46ms
46ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.ebe7e89e19ae15a2ea2c.chunk.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=65944p-3000.csb.app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f17092e0b113045e7dddade0ce4a8b709329783e31d56782783d78cdf887ffc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 18:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 327430
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Jun 2024 15:29:10 GMT
server: cloudflare
etag: W/"10098-19036441570"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 89c86c43be645c2c-FRA

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 223ms
163ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_01JDqG39AUPDXfw&Version=67&Q_ORIGIN=https://65944p-3000.csb.app&Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21&Q_BRANDDC=iad1

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.ebe7e89e19ae15a2ea2c.chunk.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=65944p-3000.csb.app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9167b851fdb291db4eae53410607b36f2ee03bb61ede118f97915a78bb143abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Mon, 01 Jul 2024 18:22:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 18:22:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 89c86c441aa337f5-FRA
expires: Thu, 29 Jun 2034 18:22:41 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
611 B 238ms
178ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_6u0MmncjsLPdtpY&Version=2&Q_InterceptID=SI_01JDqG39AUPDXfw&Q_ORIGIN=https://65944p-3000.csb.app&Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21&Q_BRANDDC=iad1

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.ebe7e89e19ae15a2ea2c.chunk.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=65944p-3000.csb.app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aff16e2795195baeb0caa48a7678dd4666a0077073583d72e07aad4857d583e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Mon, 01 Jul 2024 18:22:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 18:22:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 89c86c441aa537f5-FRA
expires: Thu, 29 Jun 2034 18:22:41 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
208 B 44ms
44ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_6u0MmncjsLPdtpY&Q_SIID=SI_01JDqG39AUPDXfw&Q_ASID=AS_30008237&Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&r=1719858161467

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.9.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 01 Jul 2024 18:22:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://65944p-3000.csb.app
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 7008f9cf23176d5a
cf-ray: 89c86c454c6e37f5-FRA

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 245 B
529 B 31ms
31ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://65944p-3000.csb.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Mon, 01 Jul 2024 18:22:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2100887
cf-polished: origSize=757
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 245
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 May 2024 20:28:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000, public
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 79f1a641c6d706fb
accept-ranges: bytes
cf-ray: 89c86c454ff65c2c-FRA
expires: Mon, 05 Jun 2034 10:47:54 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Arvest Bank (Banking)

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
65944p-3000.csb.app/auth	1970-01-20 21:44:57	Name: PHPREFS Value: full
.65944p-3000.csb.app/	1970-01-20 23:53:54	Name: _gcl_au Value: 1.1.1866063015.1719858159
.codesandbox.io/	1969-12-31 23:59:59	Name: _cfuvid Value: cVgMoJ7qfKXlKLv6zRkU63ligxLiK1uy1hmgFXU4ldM-1719858158646-0.0.1.1-604800000
.65944p-3000.csb.app/	1970-01-20 21:45:44	Name: _gid Value: GA1.3.1517173166.1719858159
.65944p-3000.csb.app/	1970-01-20 21:44:18	Name: _gat_UA-137930663-7 Value: 1
.65944p-3000.csb.app/	1970-01-21 07:20:18	Name: _ga_GRH26TKW0W Value: GS1.1.1719858158.1.0.1719858158.60.0.0
.65944p-3000.csb.app/	1970-01-21 07:20:18	Name: _ga Value: GA1.1.909601986.1719858159
.65944p-3000.csb.app/	1970-01-21 06:29:54	Name: _hjSessionUser_2651856 Value: eyJpZCI6ImNmYjc5ZDM5LWY0YmMtNWE3Mi05ZjQ4LWRjYTRmZGJmODdiMSIsImNyZWF0ZWQiOjE3MTk4NTgxNTkwODMsImV4aXN0aW5nIjp0cnVlfQ==
.65944p-3000.csb.app/	1970-01-20 21:44:19	Name: _hjSession_2651856 Value: eyJpZCI6Ijc0OTBiNTllLTRlYTYtNGYwNy04YTA1LTc5NzhhZjBkMzI5ZSIsImMiOjE3MTk4NTgxNTkwODUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.linkedin.com/	1970-01-20 21:45:44	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3366:u=1:x=1:i=1719858159:t=1719944559:v=2:sig=AQGx-Aqv-nqkRdYVgmTUbdoH5vr0J-WQ"
.linkedin.com/	1970-01-21 06:29:54	Name: bcookie Value: "v=2&4a369f33-3c95-4259-80d6-294fe89a02d0"
.linkedin.com/	1970-01-21 02:03:30	Name: li_gc Value: MTswOzE3MTk4NTgxNTk7MjswMjGutLnrgSx5AGcx/BIjkK+Z6fmp4j8/ujdRgS/4feFRug==
.codesandbox.io/	1970-01-21 06:29:54	Name: cf_clearance Value: p.RwXKsekN0tScd.mTvnuKuB8CO5kwXQpdiPiZ0tpCM-1719858159-1.0.1.1-BzkVBOj1RGy45kT67Oym2eUwPBSuZR0jkLnH_pizLm0eFddQH0NOWnEuOqAUKar8Xv5eEYzmeEMbG1NS1Bi96A
.pardot.com/	1970-01-21 07:20:18	Name: visitor_id967183 Value: 258583683
.pardot.com/	1970-01-21 07:20:18	Name: visitor_id967183-hash Value: 86f388fdea7081cb0559dfcf6904f2949248384a8215fbf4c7c0b93a38a9ed81ae134bc1e618fcf1d906526c13ac244edc0c6ad3
pi.pardot.com/	1970-01-20 21:44:19	Name: lpv967183 Value: aHR0cHM6Ly82NTk0NHAtMzAwMC5jc2IuYXBwL2F1dGgvbG9naW4%3D
65944p-3000.csb.app/	1970-01-21 07:20:18	Name: visitor_id967183 Value: 258583683
65944p-3000.csb.app/	1970-01-21 07:20:18	Name: visitor_id967183-hash Value: 86f388fdea7081cb0559dfcf6904f2949248384a8215fbf4c7c0b93a38a9ed81ae134bc1e618fcf1d906526c13ac244edc0c6ad3
customers.arvest.com/	1970-01-21 07:20:18	Name: visitor_id967183 Value: 258583683
customers.arvest.com/	1970-01-21 07:20:18	Name: visitor_id967183-hash Value: 86f388fdea7081cb0559dfcf6904f2949248384a8215fbf4c7c0b93a38a9ed81ae134bc1e618fcf1d906526c13ac244edc0c6ad3

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://65944p-3000.csb.app/auth/login Message: [DOM] Found 4 elements with non-unique id #IsCommercial: (More info: https://goo.gl/9p2vKq) %o %o %o %o
recommendation	warning	URL: https://65944p-3000.csb.app/auth/login Message: [DOM] Found 3 elements with non-unique id #aoblogon_persist: (More info: https://goo.gl/9p2vKq) %o %o %o
recommendation	warning	URL: https://65944p-3000.csb.app/auth/login Message: [DOM] Found 3 elements with non-unique id #aoblogon_submit_2: (More info: https://goo.gl/9p2vKq) %o %o %o
recommendation	warning	URL: https://65944p-3000.csb.app/auth/login Message: [DOM] Found 6 elements with non-unique id #aoblogon_userid: (More info: https://goo.gl/9p2vKq) %o %o %o %o %o %o
network	error	URL: https://arves.pages.dev/arvest.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

65944p-3000.csb.app
ajax.aspnetcdn.com
arves.pages.dev
cdn.cookielaw.org
cdnjs.cloudflare.com
cdnstat.net
codesandbox.io
content.hotjar.io
customers.arvest.com
geolocation.onetrust.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
siteintercept.qualtrics.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
unpkg.com
vc.hotjar.io
www.google-analytics.com
www.google.de
www.googletagmanager.com
znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
104.17.24.14
13.107.42.14
142.250.186.110
142.250.186.99
152.199.19.160
172.64.148.87
172.64.154.107
18.66.192.117
188.114.96.3
188.114.97.3
2001:4860:4802:32::36
2606:4700:4400::ac40:9b77
2606:4700::6811:f6cb
2606:4700::6813:b134
2620:1ec:21::14
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:400c:c00::9d
2a02:26f0:3500:10::210:a99
2a06:98c1:3121::3
3.92.120.28
34.254.107.44
54.230.228.119
54.230.228.40
01d1a470c25a6f60c6fa9e7de42b0158533a7bf3de3c0d7c2687f5a5a8269377
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
0423b15ea342312983edef11b6282dcfb0a795741340e849499d315bd4501c93
0ed759f9b0f407aa73df997bddf186c37a1927d2b0f8d2f7031067ecacf7581d
1252843b50c568f5a207600688226e7c516d706623b50ab4ad33fe438f25a514
1273fa967e7f8702e444df5a649d3ada3d56bd6f3c26bfec97f926a116e57529
13cdcd37ed238e27c50fac06ba440885e95bbae7a85c8c7447111738f7bdbaaf
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16eba136a35400f1100a450d2f48d656b67296e74c62521aedcd8fab29c7d4ce
17bd8b07ef5603105ef87297b87ab38d5270455d867c67c6cbf2953d7188445b
1be0efd5a2f263566ceac2c3c5ee951e0360cfb28cd8a03d78006f9d901b6f5d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20be6c44ec8cac0d28cfc708b05e9d853ed807b59f8ceb6aff80e905cbacaff1
20da8601280b37880ba8b04bf37c1c50957f671ffb67142bae36258e0c84641b
21ba23bacc45b32c237fac9f813811f1d319877e9cab4d84c71029cb7b49c9df
26c2da330dc31577a32e0fd6f445b0fb3c5e914b55fb2de8c97dada4dc17f13e
2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558
2ee5b697a7b857ffe13445f6b2ee5ca3f0ab76be6c03b51bc53879648c7bd9a8
3132b69dbeb859635eea70dbdae8557c143d111eeb9a473fb84fe5fac904cc18
39f485ef565c7ced26632fea1c6fb2f67b5c90c49c38fe856ead961258b65682
3ac4db385ce573e1038b4a1a504bac75d82114d03a863bc8e9ef19328304f587
3b3544ef8e0b67d75e2b4f79df4fa1fd6a1324c98d04322dc901248ce012fcf3
3b8fd01969247b640db14518378c4ee2487d6c5d389f613d947abf2e6063d6ce
3ffbb276d8124704f5a7e0035b5bb87e4adc7a7e4b322ae2ed476ee37ffa7ffc
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b33290a887374b0351ad46d4f1fddc8038b3b805ae11fc1520c732108691a8
489ac29678bc0af0c41ee03b6f3d3b58116ad507cb3e0a65b69e48205146321c
4bf5ca21167bd44e7b547a5c908f0cb82a9420f0b4927ff1ded1232446f6f17e
5566d8578cf4b69b5523a1d983aa31de64c5e40bc55db1c5551ac01f647ca529
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
610c99d9f333e8e356584239f9cbf91592f1c38877fce7d1d1da4bf3aac94e44
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
6491b85ca5a5c4626f1652db130d063c69aec82ad31a21a3082f2f475c1dcdc3
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6964dadba86fa98fce67e57d7bbdcacd6dc1785fc4a419ed2ab8306f63771592
71a5a87419274c90d38870cc8b74a2c53ef6b325bf3578951a11f655b12cf8b9
78916b7e7255abfa5144710ebd8c5624e778991bb4d86bf526abe9106baad9f1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b3886467835fc527fbf40a9972323de5c82f3dd5a325b6b1deb39d4e9f24251
7d48e4cdc332afa2ac66eea1408b7fc4ac19d7aee7535ad7a6beee81b16c29b4
7f857f665240f78c391083521d6736b87353bba5137e71e08d792a7a8ad827cd
80775d79677fe7cb03b02a6ea8876ae8d9b50f40bf5cc99946c64b5b18d84a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b
89d2d6672859e1c28c00430ba516989caa45ce6447e46601c14644a0a6b157ad
8aff16e2795195baeb0caa48a7678dd4666a0077073583d72e07aad4857d583e
8d8f81b3deb15a8d8a4d940347fb3322ca6d49640e7ce14514ccbe07862a1aba
9167b851fdb291db4eae53410607b36f2ee03bb61ede118f97915a78bb143abc
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
971cbfd037bdfa175bbcc512eb44ef5430b917a88df8b0b0344d85dff95f795e
9ddd9fab5342d91721c67a39aa003a8b6baefc3fa9c35d07ae7c61b62b0e8304
9fb1794640596b6601ece58fae25be2a00d2e71981f55dd2b743d4f45909c5e3
a8eadeb36aa1e752b10866c2a77550395b7517b183871b69180044aebea508f1
acef1942f049403dc286204d0feb044e16fffd0c4b91e6ad3814fe81a63473f6
adf7f9b0dd938575c72ff1592ea18e7ab9bc53ff8838a38c8484c10f5d9be7fd
af97ce613cb505abdecec61e500b8d8d50dc055cc26a508b29d451455f9f4718
b70182e07ab8c30209df0b1affb562bdb0d94c34c5e740ff1bf0b6eaef00e638
b9be58dfbf40a15b63977356d7a343d790e89f241cf28bcb7883da48e2eea19f
bd66012b771fe92c7549ffa275254ec23d15e1939c56c224565858d40be98a01
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3f0c9e9654130e1871f21d7f894ab743e0624588dafa2d25f1961cf39daf85a
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
ccd10693e75dfc608e745959d5a9cbe7987653ddd7edde560b0590acc7675e91
d3e50e04d1dcfa006677cbf23fb3110e93e2b6a4fb930ad13f3166e41383f97d
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d8dfec6b2ebf53eb2ed27513f1a17f035f59b9c854c193cd3884273e5d9104a0
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee0c041358b92df0ab4f4ce329abbfa7f2ffe18809c1afa627bf2a7506576a2
df81a7b8a5ba3e560eec6f4b9a0bdc93e739f9d9bd0f348c4eea8fb3fd789f84
e2266eb423ddf014680bf965dfdefc302947c231645f864e7ed3e16e70941d31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5816a040f78bd21a0a149637977c04c952c491111c5dcbec993fa91b4cb566c
e7cf593c0726db50aeaeb0f6973332ae8c226f467b28463e5cb225c07a9ad5da
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb9919e780526be341049bb6154d23490c6462583b1ddfa33a4c8daa025dfaa
f17092e0b113045e7dddade0ce4a8b709329783e31d56782783d78cdf887ffc6
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f4d067fab799e99b87904f659c692a443efdefb8d5eefcc98fc7db2cd5bd39cb
f9f313b0aac7378a2b6c863515b66905ec21a1c5900dc51b52cce28d7d0009ac
fbd9e72fc8811406de10190f29478f63524a88c6c33ac96017c2f38374787c55
fd0bb8cd67fca59fd6e8383c338aa881b7ecf7b6b4b67d10b294dafc20064fcf

65944p-3000.csb.app Open in urlscan Pro 172.64.148.87 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

97 %HTTPS

38 %IPv6

21 Domains

25 Subdomains

26 IPs

6 Countries

1269 kBTransfer

3855 kBSize

20 Cookies

100 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

65944p-3000.csb.app Open in urlscan Pro
172.64.148.87 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

97 %
HTTPS

38 %
IPv6

21
Domains

25
Subdomains

26
IPs

6
Countries

1269 kB
Transfer

3855 kB
Size

20
Cookies

97 HTTP transactions
0 data transactions