www.genevabt.com Open in urlscan Pro
18.210.0.83 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.genevabt.com/personal/resources/security/malware-ransomware.html
Submission: On May 03 via manual (May 3rd 2022, 7:13:20 pm UTC) from IN — Scanned from DE

Summary HTTP 70 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 17 domains to perform 70 HTTP transactions. The main IP is 18.210.0.83, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.genevabt.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on March 8th 2022. Valid for: a year.

This is the only time www.genevabt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	18.210.0.83 18.210.0.83	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.33.1.123 23.33.1.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.229.233.123 192.229.233.123	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.252.147.157 34.252.147.157	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	63.32.228.167 63.32.228.167	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.32.199 34.248.32.199	16509 (AMAZON-02) (AMAZON-02)
1	34.247.205.50 34.247.205.50	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
70	18

29 18.210.0.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-0-83.compute-1.amazonaws.com

www.genevabt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webassets.wintrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.33.1.123 (Milan, Italy) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-33-1-123.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.123 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cloud.typenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.147.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-147-157.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.228.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-228-167.eu-west-1.compute.amazonaws.com

wintrust.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

wintrustfinancialcorporation.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.32.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-32-199.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.205.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-50.eu-west-1.compute.amazonaws.com

wintrustfinancialcor.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	genevabt.com www.genevabt.com	3 MB
6	google.de www.google.de — Cisco Umbrella Rank: 3632	1 KB
6	google.com www.google.com — Cisco Umbrella Rank: 20	1 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	7 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 469	134 KB
3	omtrdc.net wintrustfinancialcorporation.sc.omtrdc.net — Cisco Umbrella Rank: 869686 wintrustfinancialcor.tt.omtrdc.net — Cisco Umbrella Rank: 773692	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	143 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 283 wintrust.demdex.net — Cisco Umbrella Rank: 773691	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	387 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	52 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1413	517 B
1	typenetwork.com cloud.typenetwork.com — Cisco Umbrella Rank: 34865	2 KB
1	wintrust.com webassets.wintrust.com — Cisco Umbrella Rank: 959451	401 KB
1	typography.com 1 redirects cloud.typography.com — Cisco Umbrella Rank: 7238	445 B
70	17

	Domain	Requested by
28	www.genevabt.com	www.genevabt.com
6	www.google.de	www.genevabt.com
6	www.google.com	www.genevabt.com
5	googleads.g.doubleclick.net	www.genevabt.com
4	assets.adobedtm.com	www.genevabt.com assets.adobedtm.com
3	www.googletagmanager.com	assets.adobedtm.com
2	www.facebook.com	www.genevabt.com
2	connect.facebook.net	www.genevabt.com connect.facebook.net
2	wintrustfinancialcorporation.sc.omtrdc.net	www.genevabt.com assets.adobedtm.com
2	www.google-analytics.com	www.genevabt.com
2	dpm.demdex.net	assets.adobedtm.com www.genevabt.com
2	www.youtube.com	www.genevabt.com www.youtube.com
1	stats.g.doubleclick.net	www.genevabt.com
1	www.googleadservices.com	www.googletagmanager.com
1	wintrustfinancialcor.tt.omtrdc.net	www.genevabt.com
1	cm.everesttech.net	1 redirects
1	wintrust.demdex.net	www.genevabt.com
1	cloud.typenetwork.com	www.genevabt.com
1	webassets.wintrust.com	www.genevabt.com
1	cloud.typography.com	1 redirects
70	20

This site contains links to these domains. Also see Links.

Domain
www.wintrustmortgage.com
www.facebook.com
twitter.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.wintrust.com Entrust Certification Authority - L1M	`2022-03-08` - `2023-03-23`	a year	crt.sh
*.typenetwork.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-10` - `2022-05-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
Frame ID: EE47FA3FAC38A0BCDE8F2EB8EABFE9A8
Requests: 77 HTTP requests in this frame

Frame: https://wintrust.demdex.net/dest5.html?d_nsid=0
Frame ID: C88CE211273AFA603CF849EC3CCB74C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malware & Ransomware | Geneva Bank & Trust

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase
<div class="[^"]*aem-Grid
/etc\.clientlibs/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

70
Requests

97 %
HTTPS

53 %
IPv6

17
Domains

20
Subdomains

18
IPs

6
Countries

3613 kB
Transfer

7028 kB
Size

16
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wintrustmortgage.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GenevaBank

Search URL Search Domain Scan URL

URL: https://twitter.com/Wintrust

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/st-charles-bank-mobile/id1433939205?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mfoundry.mb.android.mb_529

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cloud.typography.com/6115714/7561812/css/fonts.css HTTP 302
https://webassets.wintrust.com/fonts/823568/CF56D1977BA7D9B59.css

Request Chain 48

https://cm.everesttech.net/cm/dd?d_uuid=47611686874190497742793413609234125382 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnF_ywAAAErkvQQA

70 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request malware-ransomware.html Show response
www.genevabt.com/personal/resources/security/ 70 KB
12 KB 1203ms
267ms Document
text/html 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

affe3609dbcc901fc46866ca6faa8d2a83a03c229e8269a2309d16aa25c4358b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 12259
content-type: text/html;charset=utf-8
date: Tue, 03 May 2022 19:13:12 GMT
etag: W/"116d9-5de204ccdc48f-gzip"
last-modified: Tue, 03 May 2022 19:13:12 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,Referer,User-Agent
x-content-type-options: nosniff
x-dispatcher: dispatcher3useast1
x-frame-options: SAMEORIGIN
x-vhost: genevabt.com
x-xss-protection: 1; mode=block

GET
H2 200 clientlib-base.min.css
www.genevabt.com/etc.clientlibs/wintrust/clientlibs/ 1 MB
105 KB 320ms
318ms Stylesheet
text/css 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/clientlib-base.min.css

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

fbb3970f98163df66f79c40033abf91ab184a071cc5d3239af05dcd4c1ebf509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 21:55:46 GMT
server: Apache
etag: "10dd9e-5d8caa4f3fc80-gzip"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding,Referer,User-Agent
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui.min.css
www.genevabt.com/etc.clientlibs/wintrust/clientlibs/vendor/ 32 KB
8 KB 109ms
108ms Stylesheet
text/css 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/vendor/jquery-ui.min.css

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3534139937acc89508b3f67751a85ab4ee48c4f9d8e7d36edb305502fc59d6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 03 May 2022 19:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 21:55:19 GMT
server: Apache
etag: "7fc2-5d8caa357ffc0-gzip"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding,Referer,User-Agent
content-length: 7901
x-xss-protection: 1; mode=block

GET
H2

200

CF56D1977BA7D9B59.css
webassets.wintrust.com/fonts/823568/
Redirect Chain

https://cloud.typography.com/6115714/7561812/css/fonts.css
https://webassets.wintrust.com/fonts/823568/CF56D1977BA7D9B59.css

400 KB
401 KB

335ms
208ms

Stylesheet
text/css

18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://webassets.wintrust.com/fonts/823568/CF56D1977BA7D9B59.css

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b98f9e95909752296b2313bf2e8602d8836e12cb77de7ecba7ae59450daddc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 03:02:56 GMT
server: Apache
etag: "640f0-5c55206d27800"
x-vhost: webassets
x-frame-options: SAMEORIGIN
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 409840
x-xss-protection: 1; mode=block

Redirect headers

Date: Tue, 03 May 2022 19:13:14 GMT
Last-Modified: Mon, 21 Jun 2021 22:12:25 GMT
Server: AkamaiNetStorage
ETag: "acfb2c6b6a87a71e95a16a8841b616ec:1624313544.62503"
Content-Type: text/html
Location: https://webassets.wintrust.com/fonts/823568/CF56D1977BA7D9B59.css
Cache-Control: must-revalidate, private
Connection: keep-alive
X-HCo-pid: 16
Content-Length: 154
Expires: Tue, 03 May 2022 19:13:14 GMT

GET
H2 200 fontface.css
cloud.typenetwork.com/projects/4738/ 9 KB
2 KB 484ms
21ms Stylesheet
text/css 192.229.233.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.typenetwork.com/projects/4738/fontface.css

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.123 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

78ee480505d7b99814152b29d96e2baf9b1d1b6f1c8cc059662d46618ca26cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466776
x-cache: HIT
allow: GET, HEAD, OPTIONS
content-length: 926
referrer-policy: same-origin
last-modified: Thu, 28 Apr 2022 06:10:32 GMT
server: ECS (frb/6731)
x-frame-options: DENY
etag: W/"334e59a4c6a1caddb67018212fd491b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APJXWxaBdC%2Bx2pcVb5%2FqCk3wlFsxn%2Fb%2FiJB4Uo0KSEKq6vEvkwKJEZ5xusGyPtsC2dmz2gFvBGanbI86j03EbKT%2Bl5BAHdDmqgI3MlBSrUNnn%2BDcC67ZtX9EgN82OdFCluDN7OM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
cf-ray: 702ecc1fdeb9910d-FRA
expires: Tue, 03 May 2022 22:13:12 GMT

GET
H2 200 jquery.min.js Show response
www.genevabt.com/etc.clientlibs/clientlibs/granite/ 98 KB
35 KB 214ms
213ms Script
application/javascript 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d8a75d918ddd574026d721058790dd07fc7424ad500e3d9f5be856e921be08f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 03 May 2022 19:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 21:35:29 GMT
server: Apache
etag: "18929-5d8ca5c6a0a40-gzip"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding,Referer,User-Agent
content-length: 35516
x-xss-protection: 1; mode=block

GET
H2 200 utils.min.js Show response
www.genevabt.com/etc.clientlibs/clientlibs/granite/ 8 KB
4 KB 110ms
109ms Script
application/javascript 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/clientlibs/granite/utils.min.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

06bff916cefa0e2d5595ee421e0e8652f349e85c0a14a6e6921f4368200a9629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 21:34:55 GMT
server: Apache
etag: "1fb6-5d8ca5a633dc0-gzip"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding,Referer,User-Agent
content-length: 3359
x-xss-protection: 1; mode=block

GET
H2 200 contexthub.kernel.js Show response
www.genevabt.com/etc/cloudsettings/default/ 206 KB
60 KB 218ms
217ms Script
application/javascript 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc/cloudsettings/default/contexthub.kernel.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

966bb57a41f97b5faa58a98fe89b2c08e11b08cb933a627df9d3cb70be5b87e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 23:14:49 GMT
server: Apache
etag: "339c7-5daff0336ec40-gzip"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding,Referer,User-Agent
x-xss-protection: 1; mode=block

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 89ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24c20afcfcae6b8d263d90aaa9f6fc4d73ce39ff65bfbb3c99ceea042f67c6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 03 May 2022 19:13:12 GMT

GET
H2 200 launch-EN652436bf7a494b77a52075260d85b950.min.js Show response
assets.adobedtm.com/ 486 KB
111 KB 184ms
20ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js
Requested by: Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5a10981bb579684134ddad93a6b92f43b7bae577d9493a8c5131bfe029f5749a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:13 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 23:26:38 GMT
server: AkamaiNetStorage
etag: "8de87e3e12accbc786b7c5f193e8290f:1648164398.107854"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.genevabt.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 113097
expires: Tue, 03 May 2022 20:13:13 GMT

GET
H2 200 genevabt.png
www.genevabt.com/content/dam/wintrust/logos/communitybanks/ 6 KB
6 KB 107ms
107ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/logos/communitybanks/genevabt.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

4b3b71b6aa715203e827f2bc4bb89a61a85f69c10bc879ffa4412af6f90e2601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 03 May 2022 19:13:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Jan 2020 08:16:59 GMT
server: Apache
etag: "1650-59b0fb35414c0"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 5712
x-xss-protection: 1; mode=block

GET
H2 200 login.png
www.genevabt.com/content/dam/wintrust/generic/nav-icons-buttons/ 7 KB
8 KB 108ms
108ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/generic/nav-icons-buttons/login.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

176085357e35981f23eb75cf42ebd09df5cc3d3023113fa3905930acd361161f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Mar 2018 22:34:46 GMT
server: Apache
etag: "1d3d-56752dd940d80"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 7485
x-xss-protection: 1; mode=block

GET
H2 200 location.png
www.genevabt.com/content/dam/wintrust/generic/nav-icons-buttons/ 8 KB
8 KB 108ms
108ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/generic/nav-icons-buttons/location.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e90295514471539bd8418f724ccfec5a9b741d4a39430384391227bc0165d56f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Mar 2018 22:34:30 GMT
server: Apache
etag: "1ebb-56752dc9fe980"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 7867
x-xss-protection: 1; mode=block

GET
H2 200 search.png
www.genevabt.com/content/dam/wintrust/generic/nav-icons-buttons/ 7 KB
8 KB 107ms
107ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/generic/nav-icons-buttons/search.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5b0ead57486a1915884c3ad2c7693be793f58703751f8be17da32715aad566d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 03 May 2022 19:13:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Mar 2018 22:34:27 GMT
server: Apache
etag: "1df5-56752dc7222c0"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 7669
x-xss-protection: 1; mode=block

GET
H2 200 events.jpg
www.genevabt.com/content/dam/wintrust/component-imagery/universal-imagery/body/2020/07/ 78 KB
79 KB 107ms
107ms Image
image/jpeg 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/component-imagery/universal-imagery/body/2020/07/events.jpg

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

68d27639fbc0adafa9a7edc65142e24144dc41461f2de0789984d4fda5fd4977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 17:19:30 GMT
server: Apache
etag: "1391e-5aa55e4bbac80"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 80158
x-xss-protection: 1; mode=block

GET
H2 200 financialeducation.png
www.genevabt.com/content/dam/wintrust/component-imagery/universal-imagery/body/2017/ 300 KB
301 KB 108ms
108ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/component-imagery/universal-imagery/body/2017/financialeducation.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

c1c8b32cef40adc6a565a970c0616bc53b4e39314db824422f5c0823cd85ca0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:14 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2019 18:18:15 GMT
server: Apache
etag: "4b12b-58cf31e30a7c0"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 307499
x-xss-protection: 1; mode=block

GET
H2 200 wealthservices.png
www.genevabt.com/content/dam/wintrust/component-imagery/universal-imagery/body/2017/ 371 KB
372 KB 215ms
215ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/component-imagery/universal-imagery/body/2017/wealthservices.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

87b97e8e423944cb1df796e0504b9def25dc03839d86407645ef277cf2104e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:14 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2019 18:18:04 GMT
server: Apache
etag: "5cbc3-58cf31d88cf00"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 379843
x-xss-protection: 1; mode=block

GET
H2 200 231slasalle.png
www.genevabt.com/content/dam/wintrust/component-imagery/company-imagery/wintrust/grand-banking-hall/ 672 KB
673 KB 109ms
109ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/component-imagery/company-imagery/wintrust/grand-banking-hall/231slasalle.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

fd8aa54cf2dc32780491e5cce7fd4f3e472868d18ab83d5a6d23317c1f7d6771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 03 May 2022 19:13:14 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2019 17:22:26 GMT
server: Apache
etag: "a7e03-58cf25692f880"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 687619
x-xss-protection: 1; mode=block

GET
H2 200 1559858602066.jpg
www.genevabt.com/content/wintrust/bankstcharles/genevabt/en/personal/resources/security/malware-ransomware/_jcr_content/root/responsivegrid/hero_card_copy.img.jpg/ 331 KB
331 KB 109ms
108ms Image
image/jpeg 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/wintrust/bankstcharles/genevabt/en/personal/resources/security/malware-ransomware/_jcr_content/root/responsivegrid/hero_card_copy.img.jpg/1559858602066.jpg

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5366d25510f6a9d79cb3d98248ae5528ad9e90beb01a9ad5b60aed4e545efdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2019 22:03:22 GMT
server: Apache
etag: "52ae6-58aaee1df3e80"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 338662
x-xss-protection: 1; mode=block

GET
H2 200 1559858602150.jpg
www.genevabt.com/content/wintrust/bankstcharles/genevabt/en/personal/resources/security/malware-ransomware/_jcr_content/root/responsivegrid/generic_content_card/genericcontainerpar/image_copy.img.jpg/ 36 KB
37 KB 107ms
107ms Image
image/jpeg 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/wintrust/bankstcharles/genevabt/en/personal/resources/security/malware-ransomware/_jcr_content/root/responsivegrid/generic_content_card/genericcontainerpar/image_copy.img.jpg/1559858602150.jpg

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

9825df5e4a4512752a6ca8994a9e4eb55756bcd0a6c59ff618fda5033220dd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2019 22:03:22 GMT
server: Apache
etag: "9170-58aaee1df3e80"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 37232
x-xss-protection: 1; mode=block

GET
H2 200 equalhousinglender.png
www.genevabt.com/content/dam/wintrust/generic/legal/ 2 KB
3 KB 108ms
107ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/generic/legal/equalhousinglender.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

493b08d6fbf04d6dfe7664de3af81a47d251046fcbf22459e2b5f1d873ca53f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Mar 2018 22:34:38 GMT
server: Apache
etag: "9f1-56752dd19fb80"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 2545
x-xss-protection: 1; mode=block

GET
H2 200 memfdic-equalhouse.png
www.genevabt.com/content/dam/wintrust/generic/legal/ 43 KB
44 KB 109ms
108ms Image
image/png 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.genevabt.com/content/dam/wintrust/generic/legal/memfdic-equalhouse.png

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

9d637aaf47d8e66699f35d1c099dd2333ad311e37ae13e02926e0187089c705e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Mar 2018 22:34:19 GMT
server: Apache
etag: "ace1-56752dbf810c0"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer
content-length: 44257
x-xss-protection: 1; mode=block

GET
H2 200 granite.min.js Show response
www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/ 4 KB
2 KB 108ms
108ms Script
application/javascript 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

4125f7fb5ef940e03901ec9b35eb9a9345427aaf6348976e7b9521b6322919f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 06 Sep 2019 14:59:49 GMT
server: Apache
etag: "e61-591e3b08a2340-gzip"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding,Referer,User-Agent
content-length: 1626
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
www.genevabt.com/etc.clientlibs/foundation/clientlibs/ 16 B
364 B 107ms
107ms Script
application/javascript 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/foundation/clientlibs/jquery.min.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 03 May 2022 19:13:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 May 2020 22:43:27 GMT
server: Apache
etag: "10-5a52ab9be01c0"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer,User-Agent
content-length: 16
x-xss-protection: 1; mode=block

GET
H2 200 clientlib-base.min.js Show response
www.genevabt.com/etc.clientlibs/wintrust/clientlibs/ 1 MB
354 KB 116ms
116ms Script
application/javascript 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/clientlib-base.min.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

581fea1cdb95b10277fe3caf344999c0f76f48b5eea6ec53e1aec97a9097c10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 23:23:12 GMT
server: Apache
etag: "1246df-5daff21321800-gzip"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding,Referer,User-Agent
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui.min.js Show response
www.genevabt.com/etc.clientlibs/wintrust/clientlibs/vendor/ 260 KB
69 KB 117ms
117ms Script
application/javascript 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/vendor/jquery-ui.min.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

be94d141b377f6499bf535379d68e11b6f670d0ab0406c16c05be81297be538c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 21:55:39 GMT
server: Apache
etag: "40f15-5d8caa4892cc0-gzip"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding,Referer,User-Agent
x-xss-protection: 1; mode=block

GET
H2 404 ix_6VHBpP5j03-uwTHNz.infinity.json Show response
www.genevabt.com/home/users/Y/ 245 B
426 B 130ms
130ms XHR
text/html 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/home/users/Y/ix_6VHBpP5j03-uwTHNz.infinity.json

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc/cloudsettings/default/contexthub.kernel.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ae5a4866ad1536ab91a56579ee4d8402c6849626d5bac3c925cb79752d708600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:15 GMT
server: Apache
content-length: 245
x-vhost: genevabt.com
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=iso-8859-1

GET
H2 200 contexthub.pagedata.json Show response
www.genevabt.com/content/wintrust/bankstcharles/genevabt/en/personal/resources/security/malware-ransomware/_jcr_content/ 3 B
345 B 107ms
107ms XHR
application/json 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/content/wintrust/bankstcharles/genevabt/en/personal/resources/security/malware-ransomware/_jcr_content/contexthub.pagedata.json

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc/cloudsettings/default/contexthub.kernel.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Mar 2022 03:11:10 GMT
server: Apache
etag: "3-5db025077cf80"
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Referer,User-Agent
content-length: 3
x-xss-protection: 1; mode=block

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/dfe7ea14/www-widgetapi.vflset/ 154 KB
50 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dfe7ea14/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51077
x-xss-protection: 0
last-modified: Mon, 02 May 2022 00:13:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 May 2023 17:31:46 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b78703c0685818dccbd01ee484e5ad7a0d8e4f6ecc325e611d01a0b191564691

Request headers

Referer
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea1d1e50f3dfd759f2bda3b743671ee7150839bac8b60c3278af990a659b7a54

Request headers

Referer
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e6669583d807fb2970defeaafcba46fd29debc2257b06461a4f1fc43766ef2a

Request headers

Referer
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 179ms
46ms XHR
application/json 34.252.147.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=433165B156CED43A7F000101%40AdobeOrg&d_nsid=0&ts=1651605195182

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.147.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-147-157.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b7c051e3f8359576399ba1413c754352daa61e5bd8c2af57fc0d43c8adbd0788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.genevabt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v031-0cf28f2d1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: rGaP6wNqTBk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.genevabt.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 33 KB
12 KB 21ms
20ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "41f1b46329a6056c0f2c993498eda989:1591133412.019903"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.genevabt.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12161
expires: Tue, 03 May 2022 20:13:15 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 3 KB
2 KB 21ms
21ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "e9aa55ef8b40a205f86b54789b37de5c:1591133412.323749"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.genevabt.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1607
expires: Tue, 03 May 2022 20:13:15 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 25 KB
9 KB 22ms
21ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "7324535d27629ca693bad7fd0da315ea:1591133412.560246"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.genevabt.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8764
expires: Tue, 03 May 2022 20:13:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 84ms
34ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1041820229

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1473fe13498e6ca1deb1f3ec55e2c40ceacb79c4dcdf288d6eb47e5dbd94833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44242
x-xss-protection: 0
last-modified: Tue, 03 May 2022 18:07:09 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 May 2022 19:13:15 GMT

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77d19aede682b3ecd8aa563c6b9a6eed1a73e6aedd0826aca3a87033767b77f9

Request headers

Referer
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80e5716dafd440764b8763c6c44517e93459a805565285975ff5409448a61b03

Request headers

Referer
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 token.json Show response
www.genevabt.com/libs/granite/csrf/ 2 B
306 B 113ms
113ms XHR
application/json 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/libs/granite/csrf/token.json

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: Apache
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Referer,User-Agent
content-length: 2
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 agenda-bold.otf
www.genevabt.com/etc.clientlibs/wintrust/clientlibs/fonts/resources/ 81 KB
36 KB 117ms
116ms Font
application/x-font-otf 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/fonts/resources/agenda-bold.otf

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/clientlib-base.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3c9d814cfa88849999ad678a4163b64d6d9155b7033e0f5ceae2085042d7c6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/clientlib-base.min.css
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-vhost: genevabt.com
vary: Accept-Encoding,Referer,User-Agent
content-length: 36274
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 21:55:43 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "142f8-5d8caa4c635c0-gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-font-otf
cache-control: max-age=86400, public
accept-ranges: bytes

GET
H2 200 fontawesome-webfont.woff2
www.genevabt.com/etc.clientlibs/wintrust/clientlibs/fonts/resources/ 69 KB
70 KB 113ms
113ms Font
application/octet-stream 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/fonts/resources/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/clientlib-base.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.genevabt.com/etc.clientlibs/wintrust/clientlibs/clientlib-base.min.css
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 21:55:39 GMT
server: Apache
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=86400, public
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,Referer,User-Agent
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5d12cf6557f21466faf3793f360554aa07dd1cb3464c4309cd0775a6f2cfcc

Request headers

Referer
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 563fbfa16aba031fdc94335043fb7720b0ff62e76a46257842805017a4617dc4

Request headers

Referer
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9e0926ebb5fcbd35dab1d25d83f610e78189bd07b81ad3e0f60d17898124cf4

Request headers

Referer
Origin: https://www.genevabt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5905
date: Tue, 03 May 2022 17:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 03 May 2022 19:34:50 GMT

GET
H2 200 token.json Show response
www.genevabt.com/libs/granite/csrf/ 2 B
306 B 117ms
116ms XHR
application/json 18.210.0.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genevabt.com/libs/granite/csrf/token.json

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.0.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-0-83.compute-1.amazonaws.com

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/personal/resources/security/malware-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-dispatcher: dispatcher3useast1
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: Apache
x-vhost: genevabt.com
x-frame-options: SAMEORIGIN
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Referer,User-Agent
content-length: 2
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK dest5.html Show response
wintrust.demdex.net/ Frame C88C 7 KB
3 KB 206ms
44ms Document
text/html 63.32.228.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wintrust.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.228.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-228-167.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.genevabt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v031-01966ef16.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Hvddb9gSRCk=
content-encoding: gzip
date: Tue, 3 May 2022 19:13:15 GMT
last-modified: Wed, 27 Apr 2022 09:29:58 GMT
vary: accept-encoding

GET
H2 200 id Show response
wintrustfinancialcorporation.sc.omtrdc.net/ 2 B
317 B 128ms
31ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wintrustfinancialcorporation.sc.omtrdc.net/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=433165B156CED43A7F000101%40AdobeOrg&mid=47997459984487313732759366114865885573&ts=1651605195384

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.genevabt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4b698fcd-2tft6
vary: Origin
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.genevabt.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YnF_ywAAAErkvQQA
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=47611686874190497742793413609234125382
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnF_ywAAAErkvQQA

42 B
945 B

52ms
52ms

Image
image/gif

34.252.147.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnF_ywAAAErkvQQA

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

HTTP/1.1

Server

34.252.147.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-147-157.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-09da8f8aa.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: M60LvHsOTtI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnF_ywAAAErkvQQA
Date: Tue, 03 May 2022 19:13:15 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
wintrustfinancialcor.tt.omtrdc.net/rest/v1/ 363 B
725 B 168ms
51ms XHR
application/json 34.247.205.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wintrustfinancialcor.tt.omtrdc.net/rest/v1/delivery?client=wintrustfinancialcor&sessionId=e00d2f07005f43f4ae04019ca91548e2&version=2.3.2
Requested by: Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-50.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 85579c732a3344d35bed05ee599ff4281140267bc434805d0a6172e9a0d933a8

Request headers

Referer: https://www.genevabt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.genevabt.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 404da994197839527f11d83eb5a59027

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 85ms
35ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1041820229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 May 2022 19:13:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 78ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-994954024

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1454c2b542dc1c64cbbb0dec211a6bafe6eb86296f902e0e31205419fe202d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44198
x-xss-protection: 0
last-modified: Tue, 03 May 2022 18:07:09 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 May 2022 19:13:15 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 72ms
28ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2034732905&t=pageview&_s=1&dl=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&ul=en-us&de=UTF-8&dt=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1649173166&gjid=360534813&cid=247710291.1651605195&tid=UA-28120802-16&_gid=1116367090.1651605195&_r=1&_slc=1&z=263992645

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.genevabt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.genevabt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1041820229/ 2 KB
2 KB 82ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1041820229/?random=1651605195501&cv=9&fst=1651605195501&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2dc59dd3571d7ea3e4399af9d251cf762b080208f391b6392ff7fd42c237a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 61ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: /0s65zc3OgdlRo+dIY3ZmvEe6JkAXqgPF0OdJGc+0JldMajArELBf22YGgsZh6iZWTfoAglhnv/J54SUDP0zrQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 03 May 2022 19:13:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
56 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981534944

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0576bbd924cb288c939be6c188a01450ce218b96d6e881f0b2909a4ac7bbd908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57381
x-xss-protection: 0
last-modified: Tue, 03 May 2022 18:07:09 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 May 2022 19:13:15 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994954024/ 2 KB
1 KB 60ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994954024/?random=1651605195527&cv=9&fst=1651605195527&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e8c382e0c677aac88aea5f212c43d832849f2dd90dbfad661fe7541b24b0969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 84ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28120802-16&cid=247710291.1651605195&jid=1649173166&gjid=360534813&_gid=1116367090.1651605195&_u=IEBAAAAAAAAAAC~&z=1275646582

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.genevabt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 May 2022 19:13:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.genevabt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981534944/ 2 KB
1 KB 92ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981534944/?random=1651605195590&cv=9&fst=1651605195590&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b05097feea292847eb734288371fb6849f91ca59e83abe9c4370f9dd5efb10d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1041820229/ 2 KB
1 KB 112ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1041820229/?random=1651605195596&cv=9&fst=1651605195596&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cafa207ccaeae0c6042d1f1749f9f2f5094c60a444c5d8374bb03ab0c5d22e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981534944/ 2 KB
1 KB 70ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981534944/?random=1651605195605&cv=9&fst=1651605195605&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ccb808a7d84f5eaf1b60a1ae8b92dde3c558fc9b305ec281726081a775e8657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1041820229/ 42 B
548 B 83ms
34ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1041820229/?random=1651605195501&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=530217700&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1041820229/ 42 B
108 B 84ms
35ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1041820229/?random=1651605195501&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=530217700&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/994954024/ 42 B
108 B 132ms
83ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994954024/?random=1651605195527&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=1366163095&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/994954024/ 42 B
548 B 83ms
34ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994954024/?random=1651605195527&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=1366163095&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1963102097245134 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 196ms
173ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1963102097245134?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2eff0d8807f333926c8a98bfb418315c08550e8d3f02b9deb00219f103dc37e0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: CZadT1Pqhg0AFmDSD6Fe5dSDcMGqtssUnOYW+T35VtXQes0eFLrxivILapgOQEy65XOWaKemjC0QiH2BR5FoBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 19:13:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651605195798
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 68ms
58ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-28120802-16&cid=247710291.1651605195&jid=1649173166&_u=IEBAAAAAAAAAAC~&z=2023525443

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 69ms
59ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-28120802-16&cid=247710291.1651605195&jid=1649173166&_u=IEBAAAAAAAAAAC~&z=2023525443

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s68374233411112 Show response
wintrustfinancialcorporation.sc.omtrdc.net/b/ss/wfcscbtgbt,wfcglobal/10/JS-2.20.0-LBWB/ 146 B
375 B 59ms
59ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wintrustfinancialcorporation.sc.omtrdc.net/b/ss/wfcscbtgbt,wfcglobal/10/JS-2.20.0-LBWB/s68374233411112?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=3%2F4%2F2022%2019%3A13%3A15%202%200&d.&nsid=0&jsonv=1&.d&sdid=1B3918B004101367-09BCA615A948D18F&mid=47997459984487313732759366114865885573&aamlh=6&ce=UTF-8&pageName=malware-ransomware&g=https%3A%2F%2Fwww.genevabt.com%2Fgenevabt%2Fen%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&cc=USD&ch=main&events=event41&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=www.genevabt.com&c2=D%3Dv4&v2=malware-ransomware&c3=D%3Dv5&c4=D%3Dv6&v4=en&v5=personal&c18=D%3Dv32&c19=D%3Dv2&v28=19%3A13%20PM&v32=Geneva%20Bank%20%26%20Trust&v49=us-corp-home%3Apersonal%3Aresources%3Asecurity%3Amalware-ransomware&v60=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&v61=www.genevabt.com&v63=malware-ransomware&v67=homepage-%3Egevabt-%3Epersonal-%3Eresources-%3Esecurity-%3Emalware-ransomware&v68=homepage&v70=%2Fcontent%2Fwintrust%2Fbankstcharles%2Fgenevabt%2Fen%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware&v71=Malware%20%26%20Ransomware&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=433165B156CED43A7F000101%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

18fd0b61691c8469bb10a71a2b38d22a363a369479f84866277627f59f83e783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-aam-tid: AS8oRZhdRg0=
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
content-length: 146
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v031-08d815db4.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Wed, 04 May 2022 19:13:15 GMT
server: jag
xserver: anedge-b4b698fcd-f5p8l
etag: 3546795151088910336-4619730924629499015
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 02 May 2022 19:13:15 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/981534944/ 42 B
108 B 34ms
33ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981534944/?random=1651605195605&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=3520208325&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/981534944/ 42 B
108 B 45ms
45ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/981534944/?random=1651605195605&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=3520208325&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/981534944/ 42 B
108 B 40ms
39ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981534944/?random=1651605195590&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=2727089180&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/981534944/ 42 B
108 B 37ms
36ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/981534944/?random=1651605195590&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=2727089180&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1041820229/ 42 B
64 B 79ms
33ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1041820229/?random=1651605195596&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=1162238488&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1041820229/ 42 B
64 B 92ms
40ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1041820229/?random=1651605195596&cv=9&fst=1651604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&tiba=Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust&async=1&fmt=3&is_vtc=1&random=1162238488&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 61ms
20ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1963102097245134&ev=PageView&dl=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&rl=&if=false&ts=1651605195962&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651605195961.566950177&it=1651605195613&coo=false&rqm=GET

Requested by

Host: www.genevabt.com
URL: https://www.genevabt.com/personal/resources/security/malware-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 03 May 2022 19:13:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 41ms
20ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1963102097245134&ev=Microdata&dl=https%3A%2F%2Fwww.genevabt.com%2Fpersonal%2Fresources%2Fsecurity%2Fmalware-ransomware.html&rl=&if=false&ts=1651605196465&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Malware%20%26%20Ransomware%20%7C%20Geneva%20Bank%20%26%20Trust%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Malware%20%26%20Ransomware%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651605195961.566950177&it=1651605195613&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.genevabt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:13:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 19:13:16 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: F2tAM462TYM
.youtube.com/	1970-01-20 07:05:57	Name: VISITOR_INFO1_LIVE Value: e7u4ID4mRqU
.genevabt.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 07:05:57	Name: demdex Value: 47611686874190497742793413609234125382
.genevabt.com/	1969-12-31 23:59:59	Name: AMCVS_433165B156CED43A7F000101%40AdobeOrg Value: 1
.genevabt.com/	1970-01-20 04:56:21	Name: _gcl_au Value: 1.1.733729085.1651605195
.genevabt.com/	1970-01-20 20:17:57	Name: _ga Value: GA1.2.247710291.1651605195
.genevabt.com/	1970-01-20 02:48:11	Name: _gid Value: GA1.2.1116367090.1651605195
.genevabt.com/	1970-01-20 02:46:45	Name: _gat Value: 1
.everesttech.net/	1970-01-20 11:32:21	Name: everest_g_v2 Value: g_surferid~YnF_ywAAAErkvQQA
.genevabt.com/	1970-01-20 20:20:49	Name: mbox Value: session#e00d2f07005f43f4ae04019ca91548e2#1651607056\|PC#e00d2f07005f43f4ae04019ca91548e2.37_0#1714849996
.dpm.demdex.net/	1970-01-20 07:05:57	Name: dpm Value: 47611686874190497742793413609234125382
.genevabt.com/	1970-01-20 20:19:23	Name: AMCV_433165B156CED43A7F000101%40AdobeOrg Value: 870038026%7CMCIDTS%7C19116%7CMCMID%7C47997459984487313732759366114865885573%7CMCAAMLH-1652209995%7C6%7CMCAAMB-1652209995%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1651612395s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19123%7CvVersion%7C5.0.0
.genevabt.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 12:08:21	Name: IDE Value: AHWqTUknEzKPVu5xCpqXxbjTMn4BKa57ixd62ZECDqfQLaYVbocc49HpIwZQUQhW
.genevabt.com/	1970-01-20 04:56:21	Name: _fbp Value: fb.1.1651605195961.566950177

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.genevabt.com/home/users/Y/ix_6VHBpP5j03-uwTHNz.infinity.json Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cloud.typenetwork.com
cloud.typography.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
webassets.wintrust.com
wintrust.demdex.net
wintrustfinancialcor.tt.omtrdc.net
wintrustfinancialcorporation.sc.omtrdc.net
www.facebook.com
www.genevabt.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
13.36.218.177
142.250.186.66
18.210.0.83
192.229.233.123
23.33.1.123
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c0c::9b
2a02:26f0:3500:591::1e80
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.247.205.50
34.248.32.199
34.252.147.157
63.32.228.167
0576bbd924cb288c939be6c188a01450ce218b96d6e881f0b2909a4ac7bbd908
06bff916cefa0e2d5595ee421e0e8652f349e85c0a14a6e6921f4368200a9629
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
176085357e35981f23eb75cf42ebd09df5cc3d3023113fa3905930acd361161f
18fd0b61691c8469bb10a71a2b38d22a363a369479f84866277627f59f83e783
1e8c382e0c677aac88aea5f212c43d832849f2dd90dbfad661fe7541b24b0969
24c20afcfcae6b8d263d90aaa9f6fc4d73ce39ff65bfbb3c99ceea042f67c6d6
2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc
2e6669583d807fb2970defeaafcba46fd29debc2257b06461a4f1fc43766ef2a
2eff0d8807f333926c8a98bfb418315c08550e8d3f02b9deb00219f103dc37e0
3534139937acc89508b3f67751a85ab4ee48c4f9d8e7d36edb305502fc59d6c8
3c9d814cfa88849999ad678a4163b64d6d9155b7033e0f5ceae2085042d7c6df
4125f7fb5ef940e03901ec9b35eb9a9345427aaf6348976e7b9521b6322919f8
414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
493b08d6fbf04d6dfe7664de3af81a47d251046fcbf22459e2b5f1d873ca53f8
4b3b71b6aa715203e827f2bc4bb89a61a85f69c10bc879ffa4412af6f90e2601
5366d25510f6a9d79cb3d98248ae5528ad9e90beb01a9ad5b60aed4e545efdf8
563fbfa16aba031fdc94335043fb7720b0ff62e76a46257842805017a4617dc4
581fea1cdb95b10277fe3caf344999c0f76f48b5eea6ec53e1aec97a9097c10e
5a10981bb579684134ddad93a6b92f43b7bae577d9493a8c5131bfe029f5749a
5b0ead57486a1915884c3ad2c7693be793f58703751f8be17da32715aad566d4
5cafa207ccaeae0c6042d1f1749f9f2f5094c60a444c5d8374bb03ab0c5d22e9
68d27639fbc0adafa9a7edc65142e24144dc41461f2de0789984d4fda5fd4977
77d19aede682b3ecd8aa563c6b9a6eed1a73e6aedd0826aca3a87033767b77f9
78ee480505d7b99814152b29d96e2baf9b1d1b6f1c8cc059662d46618ca26cef
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80e5716dafd440764b8763c6c44517e93459a805565285975ff5409448a61b03
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85579c732a3344d35bed05ee599ff4281140267bc434805d0a6172e9a0d933a8
87b97e8e423944cb1df796e0504b9def25dc03839d86407645ef277cf2104e96
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
966bb57a41f97b5faa58a98fe89b2c08e11b08cb933a627df9d3cb70be5b87e8
9825df5e4a4512752a6ca8994a9e4eb55756bcd0a6c59ff618fda5033220dd2c
9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834
9ccb808a7d84f5eaf1b60a1ae8b92dde3c558fc9b305ec281726081a775e8657
9d637aaf47d8e66699f35d1c099dd2333ad311e37ae13e02926e0187089c705e
9e5d12cf6557f21466faf3793f360554aa07dd1cb3464c4309cd0775a6f2cfcc
a1454c2b542dc1c64cbbb0dec211a6bafe6eb86296f902e0e31205419fe202d2
a1473fe13498e6ca1deb1f3ec55e2c40ceacb79c4dcdf288d6eb47e5dbd94833
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ae5a4866ad1536ab91a56579ee4d8402c6849626d5bac3c925cb79752d708600
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
affe3609dbcc901fc46866ca6faa8d2a83a03c229e8269a2309d16aa25c4358b
b05097feea292847eb734288371fb6849f91ca59e83abe9c4370f9dd5efb10d4
b78703c0685818dccbd01ee484e5ad7a0d8e4f6ecc325e611d01a0b191564691
b7c051e3f8359576399ba1413c754352daa61e5bd8c2af57fc0d43c8adbd0788
b98f9e95909752296b2313bf2e8602d8836e12cb77de7ecba7ae59450daddc1c
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
be94d141b377f6499bf535379d68e11b6f670d0ab0406c16c05be81297be538c
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c1c8b32cef40adc6a565a970c0616bc53b4e39314db824422f5c0823cd85ca0a
c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d8a75d918ddd574026d721058790dd07fc7424ad500e3d9f5be856e921be08f1
e2dc59dd3571d7ea3e4399af9d251cf762b080208f391b6392ff7fd42c237a5b
e90295514471539bd8418f724ccfec5a9b741d4a39430384391227bc0165d56f
ea1d1e50f3dfd759f2bda3b743671ee7150839bac8b60c3278af990a659b7a54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9e0926ebb5fcbd35dab1d25d83f610e78189bd07b81ad3e0f60d17898124cf4
fbb3970f98163df66f79c40033abf91ab184a071cc5d3239af05dcd4c1ebf509
fd8aa54cf2dc32780491e5cce7fd4f3e472868d18ab83d5a6d23317c1f7d6771

www.genevabt.com Open in urlscan Pro 18.210.0.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

53 %IPv6

17 Domains

20 Subdomains

18 IPs

6 Countries

3613 kBTransfer

7028 kBSize

16 Cookies

5 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.genevabt.com Open in urlscan Pro
18.210.0.83 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

53 %
IPv6

17
Domains

20
Subdomains

18
IPs

6
Countries

3613 kB
Transfer

7028 kB
Size

16
Cookies

70 HTTP transactions
8 data transactions