bankjd.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bankjd.com/
Submission: On June 03 via automatic, source certstream-suspicious (June 3rd 2022, 10:59:54 am UTC) — Scanned from DE

Summary HTTP 50 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bankjd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.

This is the only time bankjd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	114.80.187.5 114.80.187.5	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom Group)
3	2606:4700:303... 2606:4700:3034::ac43:813c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4014:80e::2003	15169 (GOOGLE) (GOOGLE)
1 1	209.140.129.82 209.140.129.82	11643 (EBAY) (EBAY)
1	104.75.89.51 104.75.89.51	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
50	15

6 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

bankjd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 114.80.187.5 (China)

ASN4812 (CHINANET-SH-AP China Telecom Group, CN)

static.oneinstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:813c (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.129.82 (United States) 1 redirects

ASN11643 (EBAY, US)
PTR: rover-public-lvsaz01-1-1.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-51.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	319 KB
10	oneinstack.com static.oneinstack.com	1 MB
8	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com	294 KB
6	bankjd.com bankjd.com	8 KB
3	shields.io img.shields.io — Cisco Umbrella Rank: 42392	3 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	33 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	ebaystatic.com secureir.ebaystatic.com — Cisco Umbrella Rank: 4856	548 B
1	ebayadservices.com 1 redirects www.ebayadservices.com — Cisco Umbrella Rank: 5167	672 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	43 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8526	792 B
50	11

	Domain	Requested by
10	static.oneinstack.com	bankjd.com
9	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	static.oneinstack.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	bankjd.com	bankjd.com static.oneinstack.com
4	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	img.shields.io	bankjd.com
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	secureir.ebaystatic.com
1	www.ebayadservices.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
50	16

This site contains links to these domains. Also see Links.

Domain
lempstack.com
oneinstack.com
linuxeye.com
www.alibabacloud.com
filezilla-project.org
docs.aws.amazon.com
docs.microsoft.com
paypal.me
static.oneinstack.com
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
static.oneinstack.com Encryption Everywhere DV TLS CA - G1	`2022-05-28` - `2023-05-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://bankjd.com/
Frame ID: B5F1997AB50A240DDA29D0F6C554EDDC
Requests: 18 HTTP requests in this frame

Frame: https://static.oneinstack.com/ad_buttom.html
Frame ID: 77644F56DA9ACF3D41F80352AD017C19
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654253989440&bpp=20&bdt=174&idt=1191&shv=r20220601&mjsv=m202205260101&ptt=5&saldr=sa&correlator=3896903320914&frm=22&ife=1&pv=2&ga_vid=593426630.1654253991&ga_sid=1654253991&ga_hid=942543426&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531608%2C31065721&oid=2&pvsid=1034427324336625&pem=716&uas=0&nvt=1&top=https%3A%2F%2Fbankjd.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5zftbxe717t2&fsb=1&xpc=uogrqkQM43&p=https%3A//static.oneinstack.com&dtd=1206
Frame ID: 268895B76B628A204CEB16D0B5D94946
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Frame ID: F3164D6C8DA891210B19B2474E8E0DB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5EDB50245ECA0FE0748C5F4DF2E4BBF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1BFB27209C8E531E7AFA933876EA772
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to use OneinStack

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

50
Requests

96 %
HTTPS

80 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

1892 kB
Transfer

2716 kB
Size

4
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://lempstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://lempstack.com/install/
Title: Install & Docs

Search URL Search Domain Scan URL

URL: https://lempstack.com/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://lempstack.com/changelog/
Title: ChangeLog

Search URL Search Domain Scan URL

URL: https://oneinstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://linuxeye.com/
Title: Linux

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/faq-detail/35854.htm
Title: BROWSE DOCS

Search URL Search Domain Scan URL

URL: https://filezilla-project.org/download.php
Title: Download address

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/display-default-mysql-root-password/
Title: Display default MySQL root password

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/how-to-setup-a-remote-mysql-connection/
Title: How to setup a remote MySQL connection?

Search URL Search Domain Scan URL

URL: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
Title: AWS Security groups

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
Title: Azure Security groups

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/doc-detail/58746.htm
Title: Alibabacloud Security group

Search URL Search Domain Scan URL

URL: https://paypal.me/yeho

Search URL Search Domain Scan URL

URL: https://static.oneinstack.com/images/alipay.png

Search URL Search Domain Scan URL

URL: https://static.oneinstack.com/images/weixin.png

Search URL Search Domain Scan URL

URL: https://t.me/oneinstack
Title: t.me/oneinstack

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-163300-122643-2&mkcid=4&mkevt=2&mpt=1253486393&gdpr=&gdpr_consent=&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=551583 HTTP 301
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Request Chain 38

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34sLimAEQgAkYgQkyCLhTVvxEnQYN HTTP 301
https://tpc.googlesyndication.com/simgad/2401371329490837093

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bankjd.com/ 18 KB
4 KB 504ms
440ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a22a5383430e915d8ab4c8689c6ee04940130b282db2fdd57e577ad1126772d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7157ebda8f490e1e-MXP
content-encoding: br
content-type: text/html
date: Fri, 03 Jun 2022 10:59:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Sat, 26 Feb 2022 08:38:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNDokswLbzkz8rUXclbIO1bbUkHfh%2BzTBHoVyeiPWA1YaD1y5ciyZfeAxR2DlIbUjrciL%2FFVkElNnMlJrcNq8ebmZ5Vouf0QFFpd24NkqAXQMaF2s7BFfHLiyb1onqmDLsF%2BGtRB43ou"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ois.css
static.oneinstack.com/assets/ 139 KB
22 KB 1821ms
414ms Stylesheet
text/css 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/assets/ois.css
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:47:42 GMT
via: cache24.l2cn2656[107,107,304-0,M], cache6.l2cn2656[109,0], kunlun9.cn2364[0,0,200-0,H], kunlun8.cn2364[6,0]
x-oss-request-id: 6299E6CE1B08F7393845FF82
content-md5: FigiPMVrnmR1ZEYGL79qOA==
age: 726
x-cache: HIT TCP_MEM_HIT dirn:10:705185009
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:47:42 GMT
content-encoding: gzip
content-length: 21572
x-oss-object-type: Normal
last-modified: Thu, 06 Sep 2018 06:26:29 GMT
server: Tengine
etag: "1628223CC56B9E64756446062FBF6A38"
vary: Accept-Encoding
ali-swift-global-savetime: 1654253262
content-type: text/css
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 10073388271340420065
eagleid: 7250bb1c16542539889144013e
x-oss-server-time: 16

GET
H2 200 vhost.png
static.oneinstack.com/images/ 379 KB
380 KB 2224ms
817ms Image
image/png 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/vhost.png
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:16:54 GMT
via: cache28.l2cn2656[144,145,304-0,M], cache18.l2cn2656[193,0], kunlun10.cn2364[0,0,200-0,H], kunlun8.cn2364[7,0]
x-oss-request-id: 6299DF96E20C8C3234A35273
content-md5: vRkM4GHxj1RKHmypU9jYJg==
age: 2574
x-cache: HIT TCP_MEM_HIT dirn:5:785782214
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:16:54 GMT
content-length: 388325
x-oss-object-type: Normal
last-modified: Tue, 17 Apr 2018 00:44:34 GMT
server: Tengine
etag: "BD190CE061F18F544A1E6CA953D8D826"
ali-swift-global-savetime: 1654251414
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 13855228782985020134
eagleid: 7250bb1c16542539889144017e
x-oss-server-time: 75

GET
H2 200 vhost_del.png
static.oneinstack.com/images/ 47 KB
48 KB 2628ms
1226ms Image
image/png 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/vhost_del.png
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:49:05 GMT
via: cache46.l2cn2656[121,121,304-0,M], cache17.l2cn2656[122,0], kunlun8.cn2364[0,0,200-0,H], kunlun8.cn2364[7,0]
x-oss-request-id: 6299E720FE87B730319D867E
content-md5: xuKDQl+fITtDLX9ueypXFg==
age: 643
x-cache: HIT TCP_MEM_HIT dirn:0:496006612
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:49:05 GMT
content-length: 48386
x-oss-object-type: Normal
last-modified: Fri, 05 Jan 2018 01:33:22 GMT
server: Tengine
etag: "C6E283425F9F213B432D7F6E7B2A5716"
ali-swift-global-savetime: 1654253345
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16888844593495608369
eagleid: 7250bb1c16542539889144020e
x-oss-server-time: 55

GET
H2 200 pureftpd.png
static.oneinstack.com/images/ 131 KB
132 KB 2626ms
1225ms Image
image/png 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/pureftpd.png
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:48:29 GMT
via: cache33.l2cn2656[91,91,304-0,M], cache11.l2cn2656[93,0], kunlun5.cn2364[0,0,200-0,H], kunlun8.cn2364[7,0]
x-oss-request-id: 6299E6FDECB4DB323420733D
content-md5: 7zl7AuEWDSHbL5+n0OL7KQ==
age: 679
x-cache: HIT TCP_MEM_HIT dirn:0:436336215
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:48:29 GMT
content-length: 134303
x-oss-object-type: Normal
last-modified: Sun, 30 Dec 2018 14:25:48 GMT
server: Tengine
etag: "EF397B02E1160D21DB2F9FA7D0E2FB29"
ali-swift-global-savetime: 1654253309
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 4738377704576296990
eagleid: 7250bb1c16542539889144019e
x-oss-server-time: 55

GET
H2 200 backup_setup.png
static.oneinstack.com/images/ 118 KB
119 KB 2627ms
1227ms Image
image/png 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/backup_setup.png
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:51:30 GMT
via: cache38.l2cn2656[0,0,304-0,H], cache44.l2cn2656[1,0], kunlun9.cn2364[0,0,200-0,H], kunlun8.cn2364[7,0]
x-oss-request-id: 6299E7B2EE852133308FAD26
content-md5: 659MR5IfDYlO/K4Ns6bNqg==
age: 498
x-cache: HIT TCP_MEM_HIT dirn:10:633593290
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:51:31 GMT
content-length: 121215
x-oss-object-type: Normal
last-modified: Sat, 08 Dec 2018 15:01:47 GMT
server: Tengine
etag: "EB9F4C47921F0D894EFCAE0DB3A6CDAA"
ali-swift-global-savetime: 1654253490
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 12530950749996754773
eagleid: 7250bb1c16542539889144026e
x-oss-server-time: 60

GET
H2 200 upgrade.png
static.oneinstack.com/images/ 145 KB
146 KB 807ms
804ms Image
image/png 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/upgrade.png
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:48:28 GMT
via: cache16.l2cn2656[90,91,304-0,M], cache49.l2cn2656[91,0], kunlun7.cn2364[0,0,200-0,H], kunlun8.cn2364[3,0]
x-oss-request-id: 6299E6FCE63D7B31301B09B7
content-md5: 2ibJCCM3lIIVt2qK7tU4hA==
age: 681
x-cache: HIT TCP_MEM_HIT dirn:0:43822358
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:48:28 GMT
content-length: 148741
x-oss-object-type: Normal
last-modified: Sun, 30 Dec 2018 14:25:48 GMT
server: Tengine
etag: "DA26C9082337948215B76A8AEED53884"
ali-swift-global-savetime: 1654253308
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 6318895251282152936
eagleid: 7250bb1c16542539893375367e
x-oss-server-time: 68

GET
H2 200 uninstall.png
static.oneinstack.com/images/ 234 KB
235 KB 807ms
804ms Image
image/png 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/uninstall.png
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:48:29 GMT
via: cache5.l2cn2656[108,108,304-0,M], cache6.l2cn2656[111,0], kunlun6.cn2364[0,0,200-0,H], kunlun8.cn2364[4,0]
x-oss-request-id: 6299E6FDA0BE373635081F7A
content-md5: FkrQbxLhJFdkNtUcZZ7+YA==
age: 680
x-cache: HIT TCP_MEM_HIT dirn:11:12225321
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:48:29 GMT
content-length: 240040
x-oss-object-type: Normal
last-modified: Sun, 24 Nov 2019 02:31:03 GMT
server: Tengine
etag: "164AD06F12E124576436D51C659EFE60"
ali-swift-global-savetime: 1654253309
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 13914716929911636181
eagleid: 7250bb1c16542539893375372e
x-oss-server-time: 75

GET
H2 200 Paypal-donate-green.svg
img.shields.io/badge/ 1 KB
1 KB 382ms
176ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Paypal-donate-green.svg
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ee909e2d4c114b0b251ad90903b8b68ec6c1d28b2b731e30b507b399e872f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:47 GMT
via: 2 fly.io
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 03 Jun 2022 04:06:05 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id: 01G4MKH7B61W6BD7C91MHBFGKH-cdg
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rE%2FGBf1J3eST1Eu2DCk%2BX4eUVYNKhul%2FaR94%2BGq3KztvdR9qvojEor1F6jLoJXCtkbDOZtvjQZXj60byiGFUo1prcp4KiEClRkXLD5dh2RMfbXJEfInQ4WI83X2rSe9GqChcSitWLXWKgf2fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
cf-ray: 7157ebdecc000f56-MXP

GET
H2 200 Alipay-donate-green.svg
img.shields.io/badge/ 1 KB
813 B 397ms
192ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Alipay-donate-green.svg
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a2953e02d27e18441f20bcc24a588f2c5d9c16417e037b8af71c5dbb3aa64e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:47 GMT
via: 2 fly.io
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 03 Jun 2022 07:51:04 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id: 01G4MKH32EFQH404ZDREHGWN4X-cdg
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrgBclhQa2VL8TlWfstRGCWVyxCoWXbsN8DZVkOfiNH0diUglxi3e%2BsQ8Nd5Kz%2BWjTstKaSzEJ4j7TTD2a8dO4F5o196tkHJJvomwhZ%2Fp1%2FSUB5ZoIcmU%2FlQG60ObwyorI38DvCgaXvz%2FM%2FnAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
cf-ray: 7157ebdecc020f56-MXP

GET
H2 200 Wechat-donate-green.svg
img.shields.io/badge/ 1 KB
804 B 394ms
189ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Wechat-donate-green.svg
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e16ade5192e597f322741b340137a21dc9947febf9dc464f03a5421c782b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:47 GMT
via: 2 fly.io
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 03 Jun 2022 07:46:19 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id: 01G4MKH32QZFFG6Q17VH1VX5J1-cdg
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZDrdo0ugmkTpFAhJtXcv2O1IRV5zitdfXLSqxThMu8Mi6gIe2wS3INB5KNFg6NpDVmbLTbNkHt1xl7PeOmCZkRlhEKlQPQlq2rrRmjxckYmGBtdD81qFOxUx4KBz6SLFsvJLUo0qC7ySFAD1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
cf-ray: 7157ebdecc040f56-MXP

GET
H2 200 pay.png
static.oneinstack.com/images/ 47 KB
47 KB 807ms
805ms Image
image/png 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/pay.png
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f510208b9a91e7b867214ba22e49dda278b9a72e087ee1195691d259cbab43b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:51:30 GMT
via: cache39.l2cn2656[0,0,304-0,H], cache18.l2cn2656[1,0], kunlun6.cn2364[0,0,200-0,H], kunlun8.cn2364[5,0]
x-oss-request-id: 6299E7B26E537B32374DDD16
content-md5: Da5McVQvWo9YWLv2tLjKyw==
age: 499
x-cache: HIT TCP_MEM_HIT dirn:0:625325566
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:51:31 GMT
content-length: 47891
x-oss-object-type: Normal
last-modified: Sun, 24 Nov 2019 02:32:35 GMT
server: Tengine
etag: "0DAE4C71542F5A8F5858BBF6B4B8CACB"
ali-swift-global-savetime: 1654253490
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16342502823700331070
eagleid: 7250bb1c16542539893375373e
x-oss-server-time: 58

GET
H2 200 email-decode.min.js Show response
bankjd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankjd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bankjd.com
URL: https://bankjd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 May 2022 19:22:11 GMT
server: cloudflare
etag: W/"629124e3-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4wdeH5Mk6D%2Bajt1RLdcpvpKDoVO6oNKhxIze6d6LGoZ2GeJACp7CRbqwdFIgBtKnxSQj%2FoippS0oX4QWRcsJ5eUiHgTN8GPwMm3pZilHYpkRIyD%2BRX4hSyAEy9WlRtR1Oz7tRcRRcS8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7157ebdd7dbf0e1e-MXP
vary: Accept-Encoding
expires: Sun, 05 Jun 2022 10:59:47 GMT

GET
H2 200 ois20190114.js Show response
static.oneinstack.com/assets/ 203 KB
61 KB 1819ms
418ms Script
text/javascript 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/assets/ois20190114.js
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:36:11 GMT
via: cache21.l2cn2656[0,0,304-0,H], cache44.l2cn2656[0,0], kunlun6.cn2364[0,0,200-0,H], kunlun8.cn2364[7,0]
x-oss-request-id: 6299E41BE3B51E393989AE0B
content-md5: CC5iM3IZ7F7//K/8Y/qkQA==
age: 1417
x-cache: HIT TCP_MEM_HIT dirn:0:45193187
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:36:25 GMT
content-encoding: gzip
x-oss-object-type: Normal
last-modified: Mon, 14 Jan 2019 05:54:34 GMT
server: Tengine
etag: W/"082E62337219EC5EFFFCAFFC63FAA440"
vary: Accept-Encoding
ali-swift-global-savetime: 1654252571
content-type: text/javascript
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 3207812737332285755
eagleid: 7250bb1c16542539889144015e
x-oss-server-time: 40

GET
H2 200 ad_buttom.html Show response
static.oneinstack.com/ Frame 7764 629 B
1002 B 1814ms
416ms Document
text/html 114.80.187.5
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/ad_buttom.html
Requested by: Host: bankjd.com
URL: https://bankjd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 114.80.187.5 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea

Request headers

Referer: https://bankjd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 181
ali-swift-global-savetime: 1654253807
content-length: 629
content-md5: gWFx4w/zIFhZf/Kir0XzVw==
content-type: text/html
date: Fri, 03 Jun 2022 10:56:47 GMT
eagleid: 7250bb1c16542539889144014e
etag: "816171E30FF32058597FF2A2AF45F357"
last-modified: Mon, 16 Apr 2018 13:01:19 GMT
server: Tengine
timing-allow-origin: *
via: cache21.l2cn2656[86,86,304-0,M], cache14.l2cn2656[87,0], kunlun2.cn2364[0,0,200-0,H], kunlun8.cn2364[7,0]
x-cache: HIT TCP_MEM_HIT dirn:10:560602927
x-oss-cdn-auth: success
x-oss-hash-crc64ecma: 8982108081913538273
x-oss-object-type: Normal
x-oss-request-id: 6299E8EF94C77F383458F9EC
x-oss-server-time: 3
x-oss-storage-class: Standard
x-swift-cachetime: 3600
x-swift-savetime: Fri, 03 Jun 2022 10:56:47 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7764 114 KB
39 KB 60ms
25ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df63620ad54c0fdfc88e3a78a0c3ebd5c9b07b4ce695feac68457908ba9da116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39706
x-xss-protection: 0
server: cafe
etag: 7816683358640464026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:59:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/ Frame 7764 320 KB
114 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4157113266001782&plah=static.oneinstack.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1f936f7c78d1ac5b871faee8353553bd7f8f344e5ceeb741649af76eb3cfe3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116406
x-xss-protection: 0
server: cafe
etag: 15285001766601315865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:59:49 GMT

HEAD
H3 200 phpinfo.php Show response
bankjd.com/ 0
533 B 377ms
377ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankjd.com/phpinfo.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlGpIJbZj1Zes8E0%2FXvi54CaJgJhEniP9pwynePeWLV3j5Un8Je5T24%2FjXAL%2F6cDYBuRZrXDsGLMCtVjvidNQ2zQyiF81O1EVt4r81noayOW83b8b9S6tt2oWTjdxZCWu9SRouQYhFuE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7157ebea5bfe83a8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 404 ocp.php Show response
bankjd.com/ 0
500 B 210ms
210ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankjd.com/ocp.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHHyIISU5QujgK8dlOaqMrJD6sx%2BRFpQCDHRcsLbsVWIa1j1D4BQEDSfRkX6h%2B%2FD9RnRP2GVqM0dcYcfUd7PPw7sVS9cysJLg%2FBIb2NK4ViSfFnVhAdPaeByaX5TxZipdpCkkeYEWvEX"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7157ebecbadb83a8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 index.php Show response
bankjd.com/phpMyAdmin/ 0
1 KB 281ms
280ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankjd.com/phpMyAdmin/index.php

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Security-Policy	default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-ob_mode: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
x-robots-tag: noindex, nofollow
last-modified: Fri, 03 Jun 2022 10:59:50 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tet%2Bf93%2FlaVWGJdHAmZ8FiYpufAY4eeIGcVY7KrIWmdKv00qhvakQdDdmHiGutBkqTusHjJ%2Bwgv%2BRiCF5KabhsfC1gFb%2BeW4X4Yc0YjPWjpSHpvefJpZ4l8dtExnrhjpUBgs5OD%2Frjqo"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
expires: Fri, 03 Jun 2022 10:59:50 +0000
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
cf-ray: 7157ebee0ee483a8-MXP
x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';

HEAD
H3 200 xprober.php Show response
bankjd.com/ 0
500 B 214ms
214ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankjd.com/xprober.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankjd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J33P8eluw%2F%2B%2F6gleX%2FuUgCpnWrRA0Q7FV3oVrVlm3ha7sNu%2FCB3Ie9CGoZHd2u953zqjMocpobS2gg9tIWjvEoxdNE8HbszrYasjUauRW6RQrZPV1xEnKgnnRr6jnPaEwFytUxlbjpJd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7157ebefcc0b83a8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7764 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=static.oneinstack.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4157113266001782&plah=static.oneinstack.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jun 2022 10:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7764 107 B
549 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=static.oneinstack.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jun 2022 10:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2688 110 KB
33 KB 423ms
402ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654253989440&bpp=20&bdt=174&idt=1191&shv=r20220601&mjsv=m202205260101&ptt=5&saldr=sa&correlator=3896903320914&frm=22&ife=1&pv=2&ga_vid=593426630.1654253991&ga_sid=1654253991&ga_hid=942543426&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531608%2C31065721&oid=2&pvsid=1034427324336625&pem=716&uas=0&nvt=1&top=https%3A%2F%2Fbankjd.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5zftbxe717t2&fsb=1&xpc=uogrqkQM43&p=https%3A//static.oneinstack.com&dtd=1206

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03162fe6ba214caf29c2ea481c23065a2ea3d7aaf1fe2c329098fcbab1febbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33089
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 10:59:51 GMT
expires: Fri, 03 Jun 2022 10:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 2688 2 KB
984 B 29ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654253989440&bpp=20&bdt=174&idt=1191&shv=r20220601&mjsv=m202205260101&ptt=5&saldr=sa&correlator=3896903320914&frm=22&ife=1&pv=2&ga_vid=593426630.1654253991&ga_sid=1654253991&ga_hid=942543426&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531608%2C31065721&oid=2&pvsid=1034427324336625&pem=716&uas=0&nvt=1&top=https%3A%2F%2Fbankjd.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5zftbxe717t2&fsb=1&xpc=uogrqkQM43&p=https%3A//static.oneinstack.com&dtd=1206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 10:54:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 2688 21 KB
9 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 10:53:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 2688 3 KB
1 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 10:57:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2688 138 KB
43 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 10:59:51 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 2688 17 KB
7 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 10:55:14 GMT

GET
H2 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 2688 31 KB
13 KB 62ms
13ms Script
text/javascript 2a00:1450:4014:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 12:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 12:34:33 GMT

GET
H2

200

view_pixel_1x1.gif Show response
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 2688
Redirect Chain

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-163300-122643-2&mkcid=4&mkevt=2&mpt=1253486393&gdpr=&gdpr_consent=&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=551583
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

43 B
548 B

49ms
7ms

Fetch
image/gif

104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Protocol

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-3:80
x-cdn: AKAMAI
akamai-grn: , , , 0.9d6656b8.1654253991.b1bfd5fd
vary: Accept-Encoding
content-length: 57
x-xss-protection: 1; mode=block
server: ebay server
date: Fri, 03 Jun 2022 10:59:51 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9whhq%60uebwh*mows%7B%28rbpv6702-17dc4022cb9-0xc2
access-control-allow-headers: *
expires: Sat, 03 Jun 2023 10:59:51 GMT

Redirect headers

date: Fri, 03 Jun 2022 10:59:50 GMT
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version
x-ebay-pop-id: SLBRNOAZ03
strict-transport-security: max-age=31536000
location: https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
cache-control: private,no-cache,no-store
x-envoy-upstream-service-time: 177
rlogid: t6baubqsodf%3F%3Cumjgcp%60tqjfc*n%7F4%60i%28rbpv6713-1812938b642-0x232a
content-length: 0
server: ebay-proxy-server

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2688 0
0 67ms
52ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cwfo4pumZYr6WKpaHtweAlJLAC5qcpLRq5PuE3IQP3f6fpoAYEAEg9sGYFWCV4pCCoAegAe2DzcEDyAEJqQIZAX1J_QqyPqgDAcgDywSqBOIBT9BM08ug1yscim1lkbXj0d3C1TZCyT-huSS7PSB3I8J8TeZ1VX8XyVhOUef5IUtodY7Aqlkz4Hx8SS2MNt-diBUbCUmGtlAsW4MjBZWjUHLFk_G1gVOKmIKE1TaD03NJ5brM2D3OVJjfJ5-IgOI_Mopt9UNOuDEQgMzRbBcX8CakmTLwz4OzNy1BPLStDgt3V9OdtsOWdicdhT_OpoPnS6zF-QqGC9T9q7w2kSXI70CVt6A88WsO1T8d-Squsz1AxGhWFCF2HbI6sRCGg9YTKw_lYQRq2eCi-RazPYBXZve1U8AEksiu9uUDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_v7sj6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQoIIK0ggJCIDhgBAQARgfgAoByAsB2BMLiBQB0BUBmBYBgBcBshccChoIABIUcHViLTQxNTcxMTMyNjYwMDE3ODIYAA&sigh=csdMZKJoGk0&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654253989440&bpp=20&bdt=174&idt=1191&shv=r20220601&mjsv=m202205260101&ptt=5&saldr=sa&correlator=3896903320914&frm=22&ife=1&pv=2&ga_vid=593426630.1654253991&ga_sid=1654253991&ga_hid=942543426&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531608%2C31065721&oid=2&pvsid=1034427324336625&pem=716&uas=0&nvt=1&top=https%3A%2F%2Fbankjd.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5zftbxe717t2&fsb=1&xpc=uogrqkQM43&p=https%3A//static.oneinstack.com&dtd=1206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 03 Jun 2022 10:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Jun 2022 10:59:51 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2688 40 KB
40 KB 56ms
20ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSaJvnjM7qg7VoF5JHgWSIePozl26Qen6-BaMXd6mKpIz1P2IPoe9ZVt2KubLw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64dcdcf9a65bf1e1c09647519a151fb6ef6b53aa7cfd656ffd4b6be90bcee52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 18:00:25 GMT
x-content-type-options: nosniff
age: 61166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40686
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 07:15:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 02 Jun 2023 18:00:25 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2688 34 KB
35 KB 43ms
7ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS3xlJNkvIJWyh41eQCoQn6druEflv71EvKxs4WldGqg449tqGPivplAl0S2Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d425cb89ce923912a3b890f07f376ccf1780fa4cfd9bcbf1d71051e402905f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 23:44:49 GMT
x-content-type-options: nosniff
age: 299702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35199
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 01:53:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 May 2023 23:44:49 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2688 54 KB
54 KB 34ms
8ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTqETgk00-smD3H7v_nTDiyW49a3DEuGYxJob8oYGQ5BLBe0D5KEgHEWVFaWb0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b5d9c4451e218ec9ea323a9c1dcded25e0d74214cb2cc7d943c3a641849b189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 18:35:43 GMT
x-content-type-options: nosniff
age: 59048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54865
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 03:12:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 02 Jun 2023 18:35:43 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2688 18 KB
18 KB 61ms
13ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRhkpwpNEFe3LEjOiXN7ds4oi0JYQek0T2CLp-GT1vgg-rxcYEC&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a271c8acc8ce8ca4170ffb92aef58b491ac06dcb1d52c7787751e111bacf729d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 19:38:18 GMT
x-content-type-options: nosniff
age: 314493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18735
x-xss-protection: 0
last-modified: Fri, 16 Jul 2021 02:04:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 May 2023 19:38:18 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2688 63 KB
63 KB 54ms
19ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSKaN-br1u0yVoKQ4NG7S5-FhPSfweva9of7h9EyXUe-FeAM3Zon5GbedOK8cE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6e45086700bff04f00828b67027dfbca9c428d13234750d6a66bb7c94a32791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 22:05:55 GMT
x-content-type-options: nosniff
age: 564836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64831
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 06:39:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 27 May 2023 22:05:55 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2688 38 KB
38 KB 48ms
13ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRCYG3ntPdmiRLG82s6yqHxr91PcUnZDgJDrQ76MZYpFfmy8ESt8ve589eSZA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6af94defcfaf7bfec5e5b99e458d067d45644c86e3cd75ff540ca6463e04e716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 16:55:14 GMT
x-content-type-options: nosniff
age: 583477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38836
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 04:02:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 27 May 2023 16:55:14 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2688 31 KB
31 KB 54ms
8ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQN8wHSpHsfvAna7id8EmwED9lgr_3ikoRmuhNPvQHecHDsky4dZm2YzwNf458&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4376ab113ecdb0dbe98523362dc11ad5cf157a7d497127b6eebc515dc64eefd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 08:48:33 GMT
x-content-type-options: nosniff
age: 353478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31440
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 01:58:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 May 2023 08:48:33 GMT

GET
H3

200

2401371329490837093
tpc.googlesyndication.com/simgad/ Frame 2688
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34sLimAEQgAkYgQkyCLhTVvxEnQYN
https://tpc.googlesyndication.com/simgad/2401371329490837093

98 KB
98 KB

24ms
7ms

Image
image/jpeg

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2401371329490837093

Requested by

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270be58b040d0b59d87a4deea0ca09e1b49916b84858005cd3e3e1f2d302ba32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 20:00:56 GMT
x-content-type-options: nosniff
age: 226735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100649
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:23:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 May 2023 20:00:56 GMT

Redirect headers

date: Fri, 03 Jun 2022 00:45:58 GMT
x-content-type-options: nosniff
server: cafe
age: 36833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/2401371329490837093
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Jul 2022 00:45:58 GMT

GET
DATA 200
OK truncated
/ Frame 2688 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69368435b8d43f556480b86ebe84a5244d74b513c684e206301492b223e7a5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7764 14 KB
10 KB 35ms
21ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220601&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

246323e04a48dad3bcabd2230176f74d09df8c9181c69662f43761d397f44a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jun 2022 10:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame F316 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 10:00:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7764 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 10:59:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5EDB 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 10:23:44 GMT
expires: Sat, 03 Jun 2023 10:23:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F1BF 783 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

902901c161a070213d22c32aa6325579a4c5786967495b87be3abead074e9d77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xTgElZjAvyeB-wIns6T5Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-xTgElZjAvyeB-wIns6T5Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 10:59:51 GMT
expires: Fri, 03 Jun 2022 10:59:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EDB 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 10:00:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F1BF 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220601&jk=1034427324336625&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5EDB 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7CgIEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 10:59:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7764 0
0 78ms
78ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220601&jk=1034427324336625&bg=!Y2ClYCTNAAao8wy8iPM7ACkAdvg8Wk_JHtNTbD6Aeke1BUZhLcgoVy_Fbot1wYXmXB7se0M8W3OCWAIAAABKUgAAAARoAQeZAr0fhP0oNg4BugRkuJTt5ZBVgfXoktPngL4weVZVuTSvAM_v-Ram5dctDjOu_NI1AvWUpuOQfUxngR9Loa4qD0K7J6VEpRbk3zNUSg8B3x_flLyKR_hiUJNEZHjWGYgpumbYGxJ-u3Z74I7nYa8p-C45cCI1IKxWMYrlPVoGdvI9SiZJ2XxSh43N61Up_qfvArSlI2Bir1NqEirC6mFDNsdZq7FLHyXjIhRbbIE3xbD6bPr5sBvktJMsFWoPsFx8_b3DNrgHGwoG_hkA7JPuOiTeBmSupRwSxawwejJ-VQhsN2PiQ-YAYJxlNLGAiaPUumqVr-2qwb9Ioi4Wb7sFbd1TqPWfwahZ5H_PiqrGODsXBwqJ3l7ddFAbqnKve60JaohKgJCIdn-Xo-riYN_P6_1hcclzSbXhdSzbDtXSsyl6mOHQOp_MYvEIoN-XF9d3h2wn2UR2_fvBgrcBr-MENT0hWfRfVo2sIkQFmHL4GfMaFM8jngGHMGGhl3oxkZGxVHbUdu8zU4Q4A_hMlc_BWZVttw845scyNOQSO9MRO2u1RzRonz6ewbviavnIiLSTYR9ceC4BTd-2YlVwnBsF4u7fqVdqnl_QCUJlf-iZuHz0_t7vmLaNKuFSjQrwenI_PcC3OCUzM3lMBP9X1RTg5X4Pme_HrTRKmfh60w0MkgdIjPt5yOIqvgwXLfM1zYrLLuPrJfjHzGkekdnlDSh_NzGJ38dCYQlpDh2XxZfwcstDLS_oR7dc6TQk3bJezYB50ESpUWgFlqTXzSXQ42fIPVksqu6GWuK2Y5VnZdgA_xtRk7MQ7DriBxoz1xgkoym_4VssfVVwxRGqgyQFPD5ShN_tVwvCEqw6BHR1MBg3EKir4G67jxuZY8xx3gvS-eXwDu8kAG_r8UNEYe5tcddtdN9h3sp8I5GtV69624t-FA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2688 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUyHonhaZ9VguvoGccayb0vDXBrTtwqQtsFNyFFQYgzfekIXkSmVGPTHki9atCYaTh2zbKhkTYR1nHnD6JVflrThUcLRBtSJQQU7SPOWoR6qnmTQfvGl5bptWy&sai=AMfl-YQ377fbjTZT0SaK7PaRMOJ_wn3Q7bvZDQ6j3CM9vYlSMFD2EXnC-hwiD_KOtcGpiHUHi-WDsaXC7iqv&sig=Cg0ArKJSzI-J8DRaIxuIEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3499594460&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654253990647&rpt=535&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 10:59:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ebayadservices.com/marketingtracking/v1	1970-01-20 05:40:29	Name: adguid Value: a3e9358bfc93435897f37939f94bf110
bankjd.com/phpMyAdmin/	1970-01-20 04:14:05	Name: pma_lang_https Value: de
bankjd.com/phpMyAdmin/	1969-12-31 23:59:59	Name: phpMyAdmin_https Value: hb8r3k48g08s5t809vgc6e9g0a
.doubleclick.net/	1970-01-20 12:52:29	Name: IDE Value: AHWqTUmgMVhvgL0HennjSmP9VYQJ8wLZAtpCEAJEpBlS_KEpCUrL8VysrZ3Sf4EqbpA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36) Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bankjd.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
googleads.g.doubleclick.net
img.shields.io
pagead2.googlesyndication.com
secureir.ebaystatic.com
static.oneinstack.com
tpc.googlesyndication.com
www.ebayadservices.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.75.89.51
114.80.187.5
209.140.129.82
2606:4700:3034::ac43:813c
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:827::200e
2a00:1450:4014:80e::2003
2a06:98c1:3120::3
03162fe6ba214caf29c2ea481c23065a2ea3d7aaf1fe2c329098fcbab1febbb9
246323e04a48dad3bcabd2230176f74d09df8c9181c69662f43761d397f44a7a
2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
270be58b040d0b59d87a4deea0ca09e1b49916b84858005cd3e3e1f2d302ba32
2d425cb89ce923912a3b890f07f376ccf1780fa4cfd9bcbf1d71051e402905f5
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340
4376ab113ecdb0dbe98523362dc11ad5cf157a7d497127b6eebc515dc64eefd1
49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64dcdcf9a65bf1e1c09647519a151fb6ef6b53aa7cfd656ffd4b6be90bcee52b
69368435b8d43f556480b86ebe84a5244d74b513c684e206301492b223e7a5a6
6af94defcfaf7bfec5e5b99e458d067d45644c86e3cd75ff540ca6463e04e716
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
72a2953e02d27e18441f20bcc24a588f2c5d9c16417e037b8af71c5dbb3aa64e
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b5d9c4451e218ec9ea323a9c1dcded25e0d74214cb2cc7d943c3a641849b189
902901c161a070213d22c32aa6325579a4c5786967495b87be3abead074e9d77
9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195
a22a5383430e915d8ab4c8689c6ee04940130b282db2fdd57e577ad1126772d8
a271c8acc8ce8ca4170ffb92aef58b491ac06dcb1d52c7787751e111bacf729d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6e45086700bff04f00828b67027dfbca9c428d13234750d6a66bb7c94a32791
b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02
b8e16ade5192e597f322741b340137a21dc9947febf9dc464f03a5421c782b80
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
df63620ad54c0fdfc88e3a78a0c3ebd5c9b07b4ce695feac68457908ba9da116
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f
f1f936f7c78d1ac5b871faee8353553bd7f8f344e5ceeb741649af76eb3cfe3f
f510208b9a91e7b867214ba22e49dda278b9a72e087ee1195691d259cbab43b8
f8ee909e2d4c114b0b251ad90903b8b68ec6c1d28b2b731e30b507b399e872f2

bankjd.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

80 %IPv6

11 Domains

16 Subdomains

15 IPs

4 Countries

1892 kBTransfer

2716 kBSize

4 Cookies

17 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bankjd.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

80 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

1892 kB
Transfer

2716 kB
Size

4
Cookies

50 HTTP transactions
1 data transactions