nestbank.pl Open in urlscan Pro
193.105.248.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nestbank.pl/
Effective URL:
https://nestbank.pl/
Submission: On May 27 via manual (May 27th 2019, 12:56:25 pm UTC) from PL

Summary HTTP 60 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 8 domains to perform 60 HTTP transactions. The main IP is 193.105.248.157, located in Poland and belongs to NESTBANK, PL. The main domain is nestbank.pl.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on October 23rd 2018. Valid for: 2 years.

This is the only time nestbank.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	193.105.248.157 193.105.248.157	196999 (NESTBANK) (NESTBANK)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	147.75.32.173 147.75.32.173	54825 (PACKET) (PACKET - Packet Host)
1	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE - Google LLC)
2	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.80.178 147.75.80.178	54825 (PACKET) (PACKET - Packet Host)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
60	10

40 193.105.248.157 (Poland) 1 redirects

ASN196999 (NESTBANK, PL)
PTR: rev-193.105.248.157.fmbank.pl

nestbank.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.32.173 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-27

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.38 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.80.178 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-25

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	nestbank.pl 1 redirects nestbank.pl	1 MB
5	google-analytics.com www.google-analytics.com	41 KB
3	doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net googleads.g.doubleclick.net	4 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	90 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	google.com www.google.com Failed	117 B
1	googletagmanager.com www.googletagmanager.com	31 KB
0	google.de Failed www.google.de Failed
60	8

	Domain	Requested by
40	nestbank.pl	1 redirects nestbank.pl
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com nestbank.pl
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	googleads4.g.doubleclick.net	nestbank.pl
1	script.hotjar.com	static.hotjar.com
1	www.google.com	nestbank.pl
1	ad.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	nestbank.pl
0	www.google.de Failed	nestbank.pl
60	12

This site contains links to these domains. Also see Links.

Domain
login.nestbank.pl
v2.nestbank.pl
nestbank.prowly.com
nestapi.nestbank.pl
psd2api.nestbank.pl
play.google.com
itunes.apple.com
wyciagi.nestbank.pl

Subject Issuer	Validity	Valid
www.nestbank.pl GeoTrust EV RSA CA 2018	`2018-10-23` - `2020-12-21`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-07` - `2019-07-30`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-05-07` - `2019-07-30`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-07` - `2019-07-30`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-05-07` - `2019-07-30`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-05-07` - `2019-07-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nestbank.pl/
Frame ID: B461A8D0E283F906355C194B0284D39B
Requests: 60 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 0460353C4A4539C2467610ABF9A11CCE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nestbank.pl/ HTTP 301
https://nestbank.pl/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^google_tag_manager$/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

60
Requests

88 %
HTTPS

44 %
IPv6

8
Domains

12
Subdomains

10
IPs

5
Countries

1476 kB
Transfer

3659 kB
Size

12
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://login.nestbank.pl/login
Title: Zaloguj się

Search URL Search Domain Scan URL

URL: https://v2.nestbank.pl/uslugi/kursy-walut_new.html
Title: Wszystkie kursy walut

Search URL Search Domain Scan URL

URL: https://nestbank.prowly.com/
Title: Biuro prasowe

Search URL Search Domain Scan URL

URL: https://nestapi.nestbank.pl/
Title: Nest Bank API

Search URL Search Domain Scan URL

URL: https://psd2api.nestbank.pl/
Title: Portal dewelopera PSD 2

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=pl.nestbank.nestbank&hl=pl
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/nest-bank-nowy/id1386204117?l=pl&ls=1&mt=8
Title:

Search URL Search Domain Scan URL

URL: https://v2.nestbank.pl/uslugi/korzystne-kursy-walut_new.html
Title: Korzystne kursy walut

Search URL Search Domain Scan URL

URL: https://wyciagi.nestbank.pl/
Title: System wyciągów

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nestbank.pl/ HTTP 301
https://nestbank.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1781883351&gjid=1135242443&_gid=1128012539.1558961770&_u=YGBAgEADQ~&z=1336488396 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1781883351&_v=j75&z=1336488396

Request Chain 51

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-84885901-1&cid=1068474997.1558961770&jid=1779285703&gjid=1098902941&_gid=1128012539.1558961770&_u=aGDAgEADQ~&z=1056045355 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-1&cid=1068474997.1558961770&jid=1779285703&_v=j75&z=1056045355

Request Chain 52

https://www.google-analytics.com/r/collect?v=1&_v=j75&aip=1&t=data&ni=1&_s=1&dp=%2F&dt=&je=0&exp=9MJSeDKEQCmVRAqAnzG8tw.0&_u=aGDAAEADQ~&jid=1508355404&gjid=1746392349&cid=1068474997.1558961770&tid=UA-84885901-4&_gid=1128012539.1558961770&_r=1&gtm=2zg5f2TFCNM42&z=1527856168 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1508355404&_gid=1128012539.1558961770&gjid=1746392349&_v=j75&z=1527856168 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1508355404&_v=j75&z=1527856168

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
nestbank.pl/
Redirect Chain

http://nestbank.pl/
https://nestbank.pl/

52 KB
54 KB

706ms
48ms

Document
text/html

193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

9461a1c3019e585a3b6cd7e9b96ff7360ffa074ce84177e7b730a7bcc7b6e65c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: nestbank.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Set-Cookie: CMSPreferredCulture=pl-PL; expires=Wed, 27-May-2020 12:56:08 GMT; path=/; HttpOnly CMSCsrfCookie=PnRRP3VguvLZEEXYD1BXAY2ot29hU9r2wu21deSq; path=/; HttpOnly Nestbank_SessionId=k11mon04yxhj3vr1iqymp3k3; path=/; HttpOnly;Secure ARRAffinity=3d5441d89571ce0f61b9e95030305b098d5217064ce55b8594585ab22cb42258;Path=/;Domain=nestbank.pl SESSION=!vHAwrqwzqVc+zBoPzJSjwA6/fRH09SECu1mYMTKbELYAYpztVXFxiN8/bnQnoeVxrcLsRu97ySoa83E=; path=/; Httponly; Secure
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST
Access-Control-Allow-Headers: Content-Type
Access-Control-Expose-Headers: Paging-Headers
Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Date: Mon, 27 May 2019 12:56:07 GMT
Content-Length: 53329

Redirect headers

Location: https://nestbank.pl/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK app.css
nestbank.pl/App_Themes/NestBank/css/ 358 KB
55 KB 117ms
32ms Stylesheet
text/css 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/css/app.css

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

660d3ca852f0ba04c31d3ed87e3f9d76f2cf0d66085bf38982b651b6265a2196

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 55432
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 14 May 2019 07:34:20 GMT
X-Frame-Options: SAMEORIGIN
Date: Mon, 27 May 2019 12:56:07 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
ETag: "0e6687127ad51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK app.js Show response
nestbank.pl/App_Themes/NestBank/scripts/ 2 MB
487 KB 161ms
40ms Script
application/javascript 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/scripts/app.js

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

583f21b064686a40c1a08714995b089132aa2480addbf62127a569987db8aaf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 497612
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 14 May 2019 07:34:20 GMT
X-Frame-Options: SAMEORIGIN
Date: Mon, 27 May 2019 12:56:07 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
ETag: "0e6687127ad51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
31 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

91d9e071036a51798c86de2acb7940c7863d99c6b8ce7646b14806ce5f3b9cce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 27 May 2019 12:56:08 GMT
content-encoding: br
last-modified: Fri, 24 May 2019 18:18:32 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 31606
x-xss-protection: 0
expires: Mon, 27 May 2019 12:56:08 GMT

GET
H/1.1 200
OK WebResource.axd Show response
nestbank.pl/ 23 KB
24 KB 152ms
35ms Script
application/x-javascript 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDCRZPFpHuFTc287VTTtwjk_CRWP4bZGk9h9F35wCJsa56o5uH8fWjuVMpadCVGA_g2&t=636776761224055265

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 13 Nov 2018 02:22:02 GMT
Date: Mon, 27 May 2019 12:56:07 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Content-Type
Content-Length: 23063
X-XSS-Protection: 1; mode=block
Expires: Mon, 25 May 2020 13:25:25 GMT

GET
H/1.0 200
OK GetResource.ashx Show response
nestbank.pl/CMSPages/ 121 B
200 B 241ms
30ms Script
text/html 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nestbank.pl/CMSPages/GetResource.ashx?scriptfile=~%2FCMSScripts%2FWebServiceCall.js
Requested by: Host: nestbank.pl
URL: https://nestbank.pl/
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),
Reverse DNS: rev-193.105.248.157.fmbank.pl
Software: BigIP /
Resource Hash: 640efc59b1019aad72a66017bda124cecd41bad309ad11cae3c7c1dd63c0a9fe

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 121
Server: BigIP

GET
H/1.1 200
OK ScriptResource.axd Show response
nestbank.pl/ 100 KB
26 KB 274ms
32ms Script
application/x-javascript 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvtXnPb-cvehZUAS9-V582oJMD6jendtYSXZz_GOBeeHkcDrHJI2Mr3o1HMFixodzwEjiRQuMQ2_vAMO2P-KZDyPCRv-uD1K8yxxLdarokpTfv2SO-pjowM4ezA78Jk2SxtvEj-G15oq9g-GEfNax7ow1&t=ffffffff999c3159

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 25609
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sun, 26 May 2019 13:25:31 GMT
Date: Mon, 27 May 2019 12:56:07 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 25 May 2020 13:25:31 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
nestbank.pl/ 39 KB
11 KB 307ms
32ms Script
application/x-javascript 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OGP6kq2remsSq2n9_-XLKPge79ht4b0PEWjXT9FoJ15d_Myzqd5YlazAKpDpoyypBJajB4WyQu50tus8oKeuKV9at45w-M28TzsCCljplfSrzErGu_e582631ayfJW35zuOFfFW9Mg9veJqsftDoZw81&t=ffffffff999c3159

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 9984
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sun, 26 May 2019 13:25:25 GMT
Date: Mon, 27 May 2019 12:56:07 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 25 May 2020 13:25:25 GMT

GET
H/1.1 200
OK nestbank-logo.png
nestbank.pl/NestBank/media/NestBank/Struktura%20serwisu/ 7 KB
9 KB 244ms
32ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Struktura%20serwisu/nestbank-logo.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

698d4de529adea7d1ee84768978697137241c37d2943478ba63ee27123fbc6c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 13 Nov 2018 09:57:10 GMT
ETag: "09f583e377bd41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 7552
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NEST-Ignacy-rece-X.png
nestbank.pl/NestBank/media/NestBank/Konta%20-%20oficjalne%20grafiki/Konta_605x605/ 168 KB
169 KB 166ms
34ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Konta%20-%20oficjalne%20grafiki/Konta_605x605/NEST-Ignacy-rece-X.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

b5ccb9ed43aa3e0cdeaac4b164fe162665dfb4df2d367a2ecd25d896f6efe1ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 29 Mar 2019 13:09:38 GMT
ETag: "095aba930e6d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 172050
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NEST_Nest-Lokata-Witaj_346x326.png
nestbank.pl/NestBank/media/NestBank/Oszcz%C4%99dno%C5%9Bci%20i%20Inwestycje%20-%20oficjalne%20grafiki/346x326/ 68 KB
69 KB 42ms
36ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Oszcz%C4%99dno%C5%9Bci%20i%20Inwestycje%20-%20oficjalne%20grafiki/346x326/NEST_Nest-Lokata-Witaj_346x326.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

4751ebfb67f392142702092b4c928a218ba9ff19307b55bbbfde9455afb31a48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Feb 2019 10:43:52 GMT
ETag: "064a5adf6c1d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 69681
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 May 2019 01:33:03 GMT
server: Golfe2
age: 5016
date: Mon, 27 May 2019 11:32:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17779
expires: Mon, 27 May 2019 13:32:33 GMT

GET
H2 200 hotjar-1222140.js Show response
static.hotjar.com/c/ 7 KB
3 KB 44ms
41ms Script
application/javascript 147.75.32.173
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1222140.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.173 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-27

Software

openresty /

Resource Hash

b85a755555abe2ff6ad30bcf52bcf07656d64b3ab8b9528350634585a1ce1808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 27 May 2019 12:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 23
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 2460
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/bef684d8c053a3e33b69f8b42ba5ee3b
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.072
accept-ranges: bytes
section-io-id: 25934a23f2d1336ec1c5d7d2dc6c2c51

GET
H/1.1 200
OK Nest_gotowka_na_klik_346_326.png
nestbank.pl/NestBank/media/NestBank/Kredyty%20oficjalne%20grafiki/346x326/ 95 KB
96 KB 36ms
33ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kredyty%20oficjalne%20grafiki/346x326/Nest_gotowka_na_klik_346_326.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

0e0a02d77dbc7c192e20fff4ec6972b074edde0868dc9c0d2b1477e20cf35b4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 21 Mar 2019 14:03:00 GMT
ETag: "02e8caeedfd41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 97625
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Nestbank_bankowosc_mobilna_346_326.png
nestbank.pl/NestBank/media/NestBank/Bankowo%C5%9B%C4%87%20elektroniczna%20-%20oficjalne%20grafiki/346x326/ 87 KB
88 KB 34ms
32ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Bankowo%C5%9B%C4%87%20elektroniczna%20-%20oficjalne%20grafiki/346x326/Nestbank_bankowosc_mobilna_346_326.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

ccfaaf286e246e4f54da8fcb5cf435fe58f4409e84d927c22f624e6f8b822538

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 26 Mar 2019 12:29:52 GMT
ETag: "0a0439ccfe3d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 88947
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Nestbank_saszetki__346_326.png
nestbank.pl/NestBank/media/NestBank/Bankowo%C5%9B%C4%87%20elektroniczna%20-%20oficjalne%20grafiki/346x326/ 103 KB
104 KB 103ms
32ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Bankowo%C5%9B%C4%87%20elektroniczna%20-%20oficjalne%20grafiki/346x326/Nestbank_saszetki__346_326.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

ee9a83df1e7c6629e3f4bd412f3492a8d7fa57020ca10f84113c41e1bd9b0ef2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 26 Mar 2019 12:29:24 GMT
ETag: "02a938bcfe3d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 105065
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK czech.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
2 KB 110ms
39ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/czech.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

d87c3470774af78d1ce5df2c91bec0f7950b472c66ad0d51c5c553601c3d4033

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:08 GMT
ETag: "0e41db0adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1086
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK spadek
nestbank.pl/getmedia/1079abf7-ec60-46b3-ba8b-12b5028e50b8/ 161 B
1 KB 245ms
41ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/1079abf7-ec60-46b3-ba8b-12b5028e50b8/spadek

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

6c8cfcecf509daa3cb6e739125201f2da11659d0f9948deb7dc757441d1744e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="spadek.png"
Content-Length: 161
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 23 Feb 2019 06:24:22 GMT
Date: Mon, 27 May 2019 12:56:07 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "2/23/2019 6:24:22 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:09 GMT

GET
H/1.1 200
OK szwecja.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 972 B
2 KB 247ms
31ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/szwecja.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

8d85e92e1225118f4a66a214e6c474ccf2375e5beaef9710b7b6127a8c77e20a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:12 GMT
ETag: "03e80b2adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 972
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wzrost
nestbank.pl/getmedia/547958e5-d840-4ca5-a392-597a12401e2c/ 154 B
1 KB 233ms
38ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/547958e5-d840-4ca5-a392-597a12401e2c/wzrost

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

6f57c2d49d5f317beed68fd7d4ccad08c4f96f7198a7532db2c35250e08039f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="wzrost.png"
Content-Length: 154
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 23 Feb 2019 06:24:23 GMT
Date: Mon, 27 May 2019 12:56:07 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "2/23/2019 6:24:23 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:09 GMT

GET
H/1.1 200
OK norwegia.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
2 KB 227ms
32ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/norwegia.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

431f43d2082371f7ec0fb013b2b697197aff18c31d7ce5fc56453ea56f0bb663

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1067
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dania.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1004 B
2 KB 134ms
33ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/dania.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

64621744ef4b5ca3f3cc31ff7f6b17cfd9fc87e3deaae9a93be3d7e5a6572a23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:08 GMT
ETag: "0e41db0adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1004
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK rumunia.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 909 B
2 KB 125ms
32ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/rumunia.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

f3109f4279010cd19bca5392b782dd9c0440da72bcbc4ef34e00431afddbad6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 909
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wegry.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 867 B
2 KB 109ms
33ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/wegry.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

25be8e779bfca44d1404c54a6b38480d0fc644486e3c9665e846b14ecbcde1e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:12 GMT
ETag: "03e80b2adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 867
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK japan.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 785 B
2 KB 167ms
31ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/japan.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

b36331701bbc2b2847dc10a919d003111a359291aadd5935d15921f5a4524249

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:08 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 785
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK szwajcaria.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 787 B
2 KB 140ms
32ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/szwajcaria.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

4831b4ad5b53444cd0cace4f2da847605ea51d363400bbefcc5855afd20e7834

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:08 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 787
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK stany.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
2 KB 157ms
31ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/stany.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

3cc6dadf854a3adcb716879159fbe6748a564c546d962fde0d0d9f4298f48f6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:08 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1357
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK europa.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
2 KB 145ms
39ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/europa.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

8cdd44c48196c3921bff4dfd4799ecdec1179cacdf579582931eafdb31193a75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:08 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1109
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK uk.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
2 KB 108ms
33ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/uk.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

f2f335dcd49d10880c6a74f6403b7571b86b68122fff00dd5e0e195216233fef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:12 GMT
ETag: "03e80b2adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:08 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1333
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK phone
nestbank.pl/getmedia/4ce604fb-e783-4c85-adc1-5f262c4b66c3/ 2 KB
3 KB 135ms
38ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/4ce604fb-e783-4c85-adc1-5f262c4b66c3/phone

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

c1bf6f27abe617b4c181dcac6f19dbf68c727b34e446fadb9394207c659aedc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="phone.png"
Content-Length: 2254
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 17:54:53 GMT
Date: Mon, 27 May 2019 12:56:08 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/20/2018 5:54:53 PM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:10 GMT

GET
H/1.1 200
OK letter
nestbank.pl/getmedia/3807a5b4-3981-47f2-9b73-ab4d3c811d4a/ 1 KB
2 KB 127ms
48ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/3807a5b4-3981-47f2-9b73-ab4d3c811d4a/letter

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

c57d348c99771c6acda3ebcfde05476cb280aec352be851917b0774313cb63a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="letter.png"
Content-Length: 1037
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 17:54:53 GMT
Date: Mon, 27 May 2019 12:56:08 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/20/2018 5:54:53 PM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:10 GMT

GET
H/1.1 200
OK marker
nestbank.pl/getmedia/e664bb43-9970-4344-84eb-ae76950d49a6/ 2 KB
3 KB 145ms
39ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/e664bb43-9970-4344-84eb-ae76950d49a6/marker

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

c391e5ed80467263d2dac3055a008ea70e6d8d1adcf4ee4b9255716f3be918f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="marker.png"
Content-Length: 2206
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 17:54:53 GMT
Date: Mon, 27 May 2019 12:56:08 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/20/2018 5:54:53 PM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:10 GMT

GET
H/1.1 200
OK help
nestbank.pl/getmedia/93287e11-e5a0-475a-8659-5ea18c7d11f8/ 2 KB
4 KB 125ms
37ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/93287e11-e5a0-475a-8659-5ea18c7d11f8/help

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

4207a8834a49108a620b320188c08cc3e7bda6a0d8a21d1e8f3fcd9803a52f01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="help.png"
Content-Length: 2432
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 17:54:52 GMT
Date: Mon, 27 May 2019 12:56:08 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/20/2018 5:54:52 PM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:10 GMT

GET
H/1.1 200
OK google-play
nestbank.pl/getmedia/1afe2e42-7221-4df4-8115-0e172d737b5d/ 4 KB
5 KB 125ms
57ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/1afe2e42-7221-4df4-8115-0e172d737b5d/google-play

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

09fc6b253a6dcda9ce632eaf1ab674a2dd967c84c59ead2a923a75d9c2b3c5c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="google-play.png"
Content-Length: 3998
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 14 Nov 2018 10:08:43 GMT
Date: Mon, 27 May 2019 12:56:08 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/14/2018 10:08:43 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:10 GMT

GET
H/1.1 200
OK app-store
nestbank.pl/getmedia/b9bfd39e-bc9a-488d-9909-bd3a2123b690/ 4 KB
5 KB 110ms
43ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/b9bfd39e-bc9a-488d-9909-bd3a2123b690/app-store

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

8519253787cc3c1e2f4c4ce708408abea0435b7064232495dc37cf6c7751d55f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="app-store.png"
Content-Length: 3587
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 14 Nov 2018 10:08:43 GMT
Date: Mon, 27 May 2019 12:56:08 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/14/2018 10:08:43 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:10 GMT

GET
H/1.1 200
OK cookie
nestbank.pl/getmedia/b440e91a-1f91-4cd1-9bf5-ff0768912ae5/ 3 KB
4 KB 48ms
36ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/b440e91a-1f91-4cd1-9bf5-ff0768912ae5/cookie

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

953c16dcfd4919912843903ad0a83777a71e33da9a8bf1a93b6fa4cef07299f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="cookie.png"
Content-Length: 2842
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Nov 2018 07:28:31 GMT
Date: Mon, 27 May 2019 12:56:08 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/22/2018 7:28:31 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Mon, 27 May 2019 12:56:09 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 B20858496.216254122;sz=1x2;ord=1474221496;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/adj/N9439.197812NSO.CODESRV/ 7 KB
3 KB 37ms
36ms Script
text/javascript 216.58.208.38
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N9439.197812NSO.CODESRV/B20858496.216254122;sz=1x2;ord=1474221496;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f6.1e100.net

Software

cafe /

Resource Hash

8566c8c880672263b4e938144e8fbfe6752afbd99a8fd42f2b88f5e496bc75c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 May 2019 12:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2520
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 64 KB
23 KB 37ms
34ms Script
application/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TFCNM42&t=gtm2&cid=1068474997.1558961770

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

d313a11c296027595e5d716cdb1d5bd4b18fb38356dea8360aae9601e4d09016

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 27 May 2019 12:56:09 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 23603
x-xss-protection: 0
expires: Mon, 27 May 2019 12:56:09 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 14ms
12ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j75&a=1279941473&t=pageview&_s=1&dl=https%3A%2F%2Fnestbank.pl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEADQ~&jid=1781883351&gjid=1135242443&cid=1068474997.1558961770&tid=UA-84885901-4&_gid=1128012539.1558961770&gtm=2wg5f2WJHPTHT&cg1=&cd1=&z=1952726617

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2019 21:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6881070
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1781883351&gjid=1135242443&_gid=1128012539.1558961770&_u=YGBAgEADQ~&z=1336488396
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1781883351&_v=j75&z=1336488396

0
0

GET
H2 200 modules.1182aa5888dc50b2a192.js Show response
script.hotjar.com/ 421 KB
88 KB 22ms
19ms Script
application/javascript 147.75.32.173
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1182aa5888dc50b2a192.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1222140.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.173 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-27

Software

Resource Hash

cc2eecb4b46a53b72d46c6ecd94eccf233fb58d4405217154ff9d1582e32d369

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 27 May 2019 12:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 May 2019 12:13:20 GMT
access-control-allow-origin: *
etag: W/"388833b9807255a8e90f641e9fc0a7c3"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.027
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: e289d5cc1b60ccc0fe879a6c656392be
content-length: 89257

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
340 B 296ms
19ms Image
image/gif 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusYd6p-CNwOoDAMoEDLJ9L51LcqIY1Kv2btKNu2LIWM5Qo9ZgXQ_ZTToMSReIdG2ye8YxJ8XG-x0w5D5b_I2q8fSlP48ks-oPYCs69GohhcVjQ&sig=Cg0ArKJSzBfBLRZx7sIrEAE&urlfix=1&adurl=

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 27 May 2019 12:56:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 May 2019 12:56:09 GMT

GET
H/1.1 200
OK check.svg
nestbank.pl/App_Themes/NestBank/images/svg/ 1 KB
2 KB 39ms
31ms Image
image/svg+xml 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/App_Themes/NestBank/images/svg/check.svg?FHlQ1

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

11a81ffecd8b8c0f67661b5c21d2005f177ec7b4c3c9146470819fe5b5a3741b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 18:22:12 GMT
ETag: "022a3f4fd80d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1028
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK small-arrow-right.svg
nestbank.pl/App_Themes/NestBank/images/svg/ 1 KB
2 KB 51ms
32ms Image
image/svg+xml 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/App_Themes/NestBank/images/svg/small-arrow-right.svg?2wAJw

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

047d0fc4451fb67490dab3296ba22d112cd05e1504abf60dfe0f1eda73db8e4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 18:22:12 GMT
ETag: "022a3f4fd80d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1107
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK lato-regular-webfont.woff2
nestbank.pl/App_Themes/NestBank/statics/fonts/lato/ 21 KB
23 KB 56ms
32ms Font
application/font-woff2 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/statics/fonts/lato/lato-regular-webfont.woff2?3-tUS

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

c67cac87953aa5ab7427b1ea39da576190d2e2fd06f0b00d288c7dadb6d2baef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
Origin: https://nestbank.pl

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 08 Jan 2019 15:42:14 GMT
ETag: "04f6ba68a7d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 21860
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK lato-bold-webfont.woff2
nestbank.pl/App_Themes/NestBank/statics/fonts/lato/ 20 KB
21 KB 79ms
31ms Font
application/font-woff2 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/statics/fonts/lato/lato-bold-webfont.woff2?2_Hxv

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

5824aea78dcee0f48c3f4e29ddf336419a10f482089ddc52663151f5313babe1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
Origin: https://nestbank.pl

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 08 Jan 2019 15:42:14 GMT
ETag: "04f6ba68a7d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 20660
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK IconFont.woff
nestbank.pl/App_Themes/NestBank/fonts/ 4 KB
6 KB 84ms
32ms Font
application/x-font-woff 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/fonts/IconFont.woff?9FuJ8

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

81e081d72405af4c18b19f26b74b94de0e110c66e79b0d7bdf173e1671c5e33b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
Origin: https://nestbank.pl

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 08 Apr 2019 21:57:14 GMT
ETag: "0593f656eed41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Mon, 27 May 2019 12:56:07 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 4508
X-XSS-Protection: 1; mode=block

GET ga-audiences
www.google.de/ads/ 0
0

GET
H/1.1 200
OK active Show response
nestbank.pl/api/alert/ 4 B
1 KB 90ms
58ms XHR
application/json 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/api/alert/active

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/App_Themes/NestBank/scripts/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 , Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://nestbank.pl/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com;
X-Content-Type-Options: nosniff
Date: Mon, 27 May 2019 12:56:07 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: no-cache
Access-Control-Allow-Headers: Content-Type
Content-Length: 4
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Expires: -1

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 0460 0
0 18ms
16ms Document
text/html 147.75.80.178
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1222140.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.80.178 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-25
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://nestbank.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://nestbank.pl/

Response headers

status: 200
date: Mon, 27 May 2019 12:56:10 GMT
content-type: text/html
content-length: 967
cache-control: max-age=31536000
last-modified: Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.024
etag: W/"90f3a29ef7448451db5af955688970d7"
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 08c1168e1c6507ee0b442ea3e628836f

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 16ms
8ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j75&a=1279941473&t=pageview&_s=1&dl=https%3A%2F%2Fnestbank.pl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=1779285703&gjid=1098902941&cid=1068474997.1558961770&tid=UA-84885901-1&_gid=1128012539.1558961770&gtm=2wg5f2WJHPTHT&cg1=&cd1=&z=2049291596

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2019 21:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6881071
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-84885901-1&cid=1068474997.1558961770&jid=1779285703&gjid=1098902941&_gid=1128012539.1558961770&_u=aGDAgEADQ~&z=1056045355
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-1&cid=1068474997.1558961770&jid=1779285703&_v=j75&z=1056045355

0
0

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j75&aip=1&t=data&ni=1&_s=1&dp=%2F&dt=&je=0&exp=9MJSeDKEQCmVRAqAnzG8tw.0&_u=aGDAAEADQ~&jid=1508355404&gjid=1746392349&cid=1068474997.1558961770&tid=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1508355404&_gid=1128012539.1558961770&gjid=1746392349&_v=j75&z=1527856168
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1508355404&_v=j75&z=1527856168

0
0

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 18ms
17ms Script
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 27 May 2019 12:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8870
x-xss-protection: 0
server: cafe
etag: 2606668133852809251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 May 2019 12:56:10 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j75&a=1279941473&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnestbank.pl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=scroll%20depth&ea=%2F&el=25%25&_u=aGDAAEADQ~&jid=&gjid=&cid=1068474997.1558961770&tid=UA-84885901-4&_gid=1128012539.1558961770&gtm=2wg5f2WJHPTHT&cg1=&cd1=&z=1552905906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2019 21:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6881071
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819543010/ 2 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819543010/?random=1558961770251&cv=9&fst=1558961770251&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fnestbank.pl%2F&tiba=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a801d7bddf5b520ba4a289efc99ca3ba2a59062ae656e02eeeb6aac871c47ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 May 2019 12:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 979
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819543010/ 42 B
117 B 28ms
27ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819543010/?random=1558961770251&cv=9&fst=1558958400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fnestbank.pl%2F&tiba=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&async=1&fmt=3&cdct=2&is_vtc=1&random=2972357795&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 May 2019 12:56:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/819543010/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1781883351&_v=j75&z=1336488396

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1781883351&_v=j75&z=1336488396&slf_rd=1&random=3170207865

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-1&cid=1068474997.1558961770&jid=1779285703&_v=j75&z=1056045355

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1508355404&_v=j75&z=1527856168

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-1&cid=1068474997.1558961770&jid=1779285703&_v=j75&z=1056045355&slf_rd=1&random=1205523318

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=1068474997.1558961770&jid=1508355404&_v=j75&z=1527856168&slf_rd=1&random=98207720

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/819543010/?random=1558961770251&cv=9&fst=1558958400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fnestbank.pl%2F&tiba=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&async=1&fmt=3&cdct=2&is_vtc=1&random=2972357795&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nestbank.pl/	1969-12-31 23:59:59	Name: ARRAffinity Value: 3d5441d89571ce0f61b9e95030305b098d5217064ce55b8594585ab22cb42258
.nestbank.pl/	1970-01-19 02:57:07	Name: _gaexp Value: GAX1.2.9MJSeDKEQCmVRAqAnzG8tw.18123.0
nestbank.pl/	1969-12-31 23:59:59	Name: SESSION Value: !vHAwrqwzqVc+zBoPzJSjwA6/fRH09SECu1mYMTKbELYAYpztVXFxiN8/bnQnoeVxrcLsRu97ySoa83E=
.nestbank.pl/	1970-01-19 01:02:41	Name: _dc_gtm_UA-84885901-4 Value: 1
.nestbank.pl/	1970-01-19 01:02:41	Name: _gat_UA-84885901-4 Value: 1
.nestbank.pl/	1970-01-19 01:04:08	Name: _gid Value: GA1.2.1128012539.1558961770
.nestbank.pl/	1970-01-19 18:33:53	Name: _ga Value: GA1.2.1068474997.1558961770
nestbank.pl/	1969-12-31 23:59:59	Name: Nestbank_SessionId Value: k11mon04yxhj3vr1iqymp3k3
nestbank.pl/	1969-12-31 23:59:59	Name: CMSCsrfCookie Value: PnRRP3VguvLZEEXYD1BXAY2ot29hU9r2wu21deSq
nestbank.pl/	1969-12-31 23:59:59	Name: scrpt Value: 1
.nestbank.pl/	1970-01-19 01:02:41	Name: _dc_gtm_UA-84885901-1 Value: 1
nestbank.pl/	1970-01-19 09:49:44	Name: CMSPreferredCulture Value: pl-PL

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net *.hotjar.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
nestbank.pl
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.google.com
www.google.de
147.75.32.173
147.75.80.178
172.217.23.162
193.105.248.157
216.58.208.38
2a00:1450:4001:814::200e
2a00:1450:4001:818::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::2008
047d0fc4451fb67490dab3296ba22d112cd05e1504abf60dfe0f1eda73db8e4e
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
09fc6b253a6dcda9ce632eaf1ab674a2dd967c84c59ead2a923a75d9c2b3c5c7
0e0a02d77dbc7c192e20fff4ec6972b074edde0868dc9c0d2b1477e20cf35b4d
11a81ffecd8b8c0f67661b5c21d2005f177ec7b4c3c9146470819fe5b5a3741b
25be8e779bfca44d1404c54a6b38480d0fc644486e3c9665e846b14ecbcde1e7
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3cc6dadf854a3adcb716879159fbe6748a564c546d962fde0d0d9f4298f48f6a
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4207a8834a49108a620b320188c08cc3e7bda6a0d8a21d1e8f3fcd9803a52f01
431f43d2082371f7ec0fb013b2b697197aff18c31d7ce5fc56453ea56f0bb663
4751ebfb67f392142702092b4c928a218ba9ff19307b55bbbfde9455afb31a48
4831b4ad5b53444cd0cace4f2da847605ea51d363400bbefcc5855afd20e7834
5824aea78dcee0f48c3f4e29ddf336419a10f482089ddc52663151f5313babe1
583f21b064686a40c1a08714995b089132aa2480addbf62127a569987db8aaf2
640efc59b1019aad72a66017bda124cecd41bad309ad11cae3c7c1dd63c0a9fe
64621744ef4b5ca3f3cc31ff7f6b17cfd9fc87e3deaae9a93be3d7e5a6572a23
660d3ca852f0ba04c31d3ed87e3f9d76f2cf0d66085bf38982b651b6265a2196
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
698d4de529adea7d1ee84768978697137241c37d2943478ba63ee27123fbc6c2
6c8cfcecf509daa3cb6e739125201f2da11659d0f9948deb7dc757441d1744e7
6f57c2d49d5f317beed68fd7d4ccad08c4f96f7198a7532db2c35250e08039f0
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
81e081d72405af4c18b19f26b74b94de0e110c66e79b0d7bdf173e1671c5e33b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8519253787cc3c1e2f4c4ce708408abea0435b7064232495dc37cf6c7751d55f
8566c8c880672263b4e938144e8fbfe6752afbd99a8fd42f2b88f5e496bc75c6
8cdd44c48196c3921bff4dfd4799ecdec1179cacdf579582931eafdb31193a75
8d85e92e1225118f4a66a214e6c474ccf2375e5beaef9710b7b6127a8c77e20a
91d9e071036a51798c86de2acb7940c7863d99c6b8ce7646b14806ce5f3b9cce
9461a1c3019e585a3b6cd7e9b96ff7360ffa074ce84177e7b730a7bcc7b6e65c
953c16dcfd4919912843903ad0a83777a71e33da9a8bf1a93b6fa4cef07299f3
a801d7bddf5b520ba4a289efc99ca3ba2a59062ae656e02eeeb6aac871c47ac5
b36331701bbc2b2847dc10a919d003111a359291aadd5935d15921f5a4524249
b5ccb9ed43aa3e0cdeaac4b164fe162665dfb4df2d367a2ecd25d896f6efe1ad
b85a755555abe2ff6ad30bcf52bcf07656d64b3ab8b9528350634585a1ce1808
c1bf6f27abe617b4c181dcac6f19dbf68c727b34e446fadb9394207c659aedc6
c391e5ed80467263d2dac3055a008ea70e6d8d1adcf4ee4b9255716f3be918f5
c57d348c99771c6acda3ebcfde05476cb280aec352be851917b0774313cb63a3
c67cac87953aa5ab7427b1ea39da576190d2e2fd06f0b00d288c7dadb6d2baef
cc2eecb4b46a53b72d46c6ecd94eccf233fb58d4405217154ff9d1582e32d369
ccfaaf286e246e4f54da8fcb5cf435fe58f4409e84d927c22f624e6f8b822538
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
d313a11c296027595e5d716cdb1d5bd4b18fb38356dea8360aae9601e4d09016
d87c3470774af78d1ce5df2c91bec0f7950b472c66ad0d51c5c553601c3d4033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9a83df1e7c6629e3f4bd412f3492a8d7fa57020ca10f84113c41e1bd9b0ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f335dcd49d10880c6a74f6403b7571b86b68122fff00dd5e0e195216233fef
f3109f4279010cd19bca5392b782dd9c0440da72bcbc4ef34e00431afddbad6c

nestbank.pl Open in urlscan Pro 193.105.248.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

88 %HTTPS

44 %IPv6

8 Domains

12 Subdomains

10 IPs

5 Countries

1476 kBTransfer

3659 kBSize

12 Cookies

9 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nestbank.pl Open in urlscan Pro
193.105.248.157 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

88 %
HTTPS

44 %
IPv6

8
Domains

12
Subdomains

10
IPs

5
Countries

1476 kB
Transfer

3659 kB
Size

12
Cookies

60 HTTP transactions
1 data transactions