nestbank.pl Open in urlscan Pro
193.105.248.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.nestbank.pl/
Effective URL:
https://nestbank.pl/
Submission: On September 04 via api (September 4th 2019, 9:09:56 pm UTC) from BE

Summary HTTP 59 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 8 domains to perform 59 HTTP transactions. The main IP is 193.105.248.157, located in Warsaw, Poland and belongs to NESTBANK, PL. The main domain is nestbank.pl.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on October 23rd 2018. Valid for: 2 years.

This is the only time nestbank.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 41	193.105.248.157 193.105.248.157	196999 (NESTBANK) (NESTBANK)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.83.163 147.75.83.163	54825 (PACKET) (PACKET - Packet Host)
1	147.75.32.75 147.75.32.75	54825 (PACKET) (PACKET - Packet Host)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.84.99 147.75.84.99	54825 (PACKET) (PACKET - Packet Host)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
59	12

41 193.105.248.157 (Warsaw, Poland) 2 redirects

ASN196999 (NESTBANK, PL)
PTR: rev-193.105.248.157.fmbank.pl

www.nestbank.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nestbank.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.163 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-1

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.75 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-9

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.99 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	nestbank.pl 2 redirects www.nestbank.pl nestbank.pl	739 KB
4	google-analytics.com www.google-analytics.com	39 KB
3	doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net googleads.g.doubleclick.net	4 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	75 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	google.com www.google.com Failed	112 B
1	googletagmanager.com www.googletagmanager.com	33 KB
0	google.de Failed www.google.de Failed
59	8

	Domain	Requested by
39	nestbank.pl	nestbank.pl
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com nestbank.pl
2	www.nestbank.pl	2 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	googleads4.g.doubleclick.net	nestbank.pl
1	vars.hotjar.com	static.hotjar.com
1	ad.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.google.com	nestbank.pl
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	nestbank.pl
0	www.google.de Failed	nestbank.pl
59	13

This site contains links to these domains. Also see Links.

Domain
login.nestbank.pl
nestbank.prowly.com
nestapi.nestbank.pl
psd2api.nestbank.pl
play.google.com
itunes.apple.com
v2.nestbank.pl
wyciagi.nestbank.pl

Subject Issuer	Validity	Valid
www.nestbank.pl GeoTrust EV RSA CA 2018	`2018-10-23` - `2020-12-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nestbank.pl/
Frame ID: 5F19B50431055D6196144526D8980401
Requests: 58 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: F5E8304C099164BE7EB61D27A1FB75BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.nestbank.pl/ HTTP 301
https://www.nestbank.pl/ HTTP 301
https://nestbank.pl/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

59
Requests

88 %
HTTPS

36 %
IPv6

8
Domains

13
Subdomains

12
IPs

5
Countries

899 kB
Transfer

2625 kB
Size

11
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://login.nestbank.pl/login
Title: Zaloguj się

Search URL Search Domain Scan URL

URL: https://nestbank.prowly.com/
Title: Biuro prasowe

Search URL Search Domain Scan URL

URL: https://nestapi.nestbank.pl/
Title: Nest Bank API

Search URL Search Domain Scan URL

URL: https://psd2api.nestbank.pl/
Title: Portal dewelopera PSD 2

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=pl.nestbank.nestbank&hl=pl
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/nest-bank-nowy/id1386204117?l=pl&ls=1&mt=8
Title:

Search URL Search Domain Scan URL

URL: https://v2.nestbank.pl/uslugi/kursy-walut_new.html
Title: Kursy walut

Search URL Search Domain Scan URL

URL: https://v2.nestbank.pl/uslugi/korzystne-kursy-walut_new.html
Title: Korzystne kursy walut

Search URL Search Domain Scan URL

URL: https://wyciagi.nestbank.pl/
Title: System wyciągów

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.nestbank.pl/ HTTP 301
https://www.nestbank.pl/ HTTP 301
https://nestbank.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-84885901-4&cid=247937804.1567631378&jid=1751298179&gjid=593099251&_gid=366312673.1567631378&_u=YGBAgEADQ~&z=1541556257 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=247937804.1567631378&jid=1751298179&_v=j79&z=1541556257

Request Chain 46

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-84885901-1&cid=247937804.1567631378&jid=1169632464&gjid=2022545045&_gid=366312673.1567631378&_u=aGDAgEADQ~&z=87014768 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-1&cid=247937804.1567631378&jid=1169632464&_v=j79&z=87014768

Request Chain 53

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=851056467&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnestbank.pl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=scroll%20depth&ea=%2F&el=25%25&_u=aGDAAEADQ~&jid=1858552614&gjid=1900536372&cid=247937804.1567631378&tid=UA-84885901-4&_gid=366312673.1567631378&_r=1&gtm=2wg8l2WJHPTHT&cg1=&cd1=&cd2=false&cd3=0&z=829921393 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-84885901-4&cid=247937804.1567631378&jid=1858552614&_gid=366312673.1567631378&gjid=1900536372&_v=j79&z=829921393 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=247937804.1567631378&jid=1858552614&_v=j79&z=829921393

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
nestbank.pl/
Redirect Chain

http://www.nestbank.pl/
https://www.nestbank.pl/
https://nestbank.pl/

52 KB
11 KB

343ms
87ms

Document
text/html

193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

681594d2caea771fae13fe7bf4eadbdbd1df44865e4cc13b29812f2107774672

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: nestbank.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: deflate
Expires: -1
Vary: Accept-Encoding
Set-Cookie: CMSPreferredCulture=pl-PL; expires=Fri, 04-Sep-2020 21:09:38 GMT; path=/; HttpOnly CMSCsrfCookie=J/R6I2ibfNGL/dHgVZidMiRDFtizfiyd9MlwY/Uy; path=/; HttpOnly Nestbank_SessionId=xmzn3ddmmblcg3so2cmsie3a; path=/; HttpOnly;Secure ARRAffinity=a4b97459f90b4bea1372963ae671ef32436fdac5a1609ccc33d489656c4949b0;Path=/;Domain=nestbank.pl SESSION=!K1HbnzmtHuYY4+ZXL2R7O3iEjyQFvjuzvpbABuPJlpqUmKgU0HpfVA/8CAgQW9geZciaO1JGLj2OH/c=; path=/; Httponly; Secure
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST
Access-Control-Allow-Headers: Content-Type
Access-Control-Expose-Headers: Paging-Headers
Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 04 Sep 2019 21:09:21 GMT
Content-Length: 9508

Redirect headers

Location: https://nestbank.pl/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK app.css
nestbank.pl/App_Themes/NestBank/css/ 361 KB
56 KB 114ms
74ms Stylesheet
text/css 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/css/app.css

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

b5c2ec69838035adb3bebe6e6075cb4691845890dec61124e3cbbce6977709d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 55860
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 18 Jul 2019 11:17:58 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
ETag: "0f72745a3dd51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK app.js Show response
nestbank.pl/App_Themes/NestBank/scripts/ 1 MB
314 KB 226ms
78ms Script
application/javascript 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/scripts/app.js

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

92b8c73dd6c5a2148f4cddf17a29b696b4fb14ca9a7d3ca5368e66e3a2d13040

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 320230
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 31 Jul 2019 13:37:46 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
ETag: "0f1423a547d51:0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK WebResource.axd Show response
nestbank.pl/ 23 KB
24 KB 223ms
74ms Script
application/x-javascript 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZJ3173ZrlpYoceQk7mzrWVXeaA-7ih3VxoGw7kNUOXrTC1W7K12Npvr7DxZKFZ5NHA2&t=636940025749177621

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 21 May 2019 00:29:34 GMT
X-XSS-Protection: 1; mode=block
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public
Access-Control-Allow-Headers: Content-Type
Content-Length: 23063
X-Content-Type-Options: nosniff
Expires: Thu, 03 Sep 2020 12:40:41 GMT

GET
H/1.0 200
OK GetResource.ashx Show response
nestbank.pl/CMSPages/ 121 B
200 B 228ms
72ms Script
text/html 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nestbank.pl/CMSPages/GetResource.ashx?scriptfile=~%2FCMSScripts%2FWebServiceCall.js
Requested by: Host: nestbank.pl
URL: https://nestbank.pl/
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),
Reverse DNS: rev-193.105.248.157.fmbank.pl
Software: BigIP /
Resource Hash: 640efc59b1019aad72a66017bda124cecd41bad309ad11cae3c7c1dd63c0a9fe

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 121
Server: BigIP

GET
H/1.1 200
OK ScriptResource.axd Show response
nestbank.pl/ 100 KB
26 KB 231ms
74ms Script
application/x-javascript 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvrE_hGS3-bb9mTW4mTENT7ZMHu6avbUFyZ1AAwXeZf__N-NBvfgvOTLY4ZvTGrc8Isub2_WS20wWqLrcMS5dxipQUa3RgIhTfGuhbO7e4lALCRRuVWSrMvnzCVXGzydJoBdXEFXcbp6QH4xLdHWV4481&t=ffffffffa580202a

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 25609
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 04 Sep 2019 20:41:46 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public
Access-Control-Allow-Headers: Content-Type
Expires: Thu, 03 Sep 2020 20:41:46 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
nestbank.pl/ 39 KB
11 KB 232ms
74ms Script
application/x-javascript 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OL69ao3bydUzA9MqF7VqYoestAY5v7akm2lGv1ZU3WbU8AN-I6qP1BaKBgEi4TWoHik91NkEu__JfDJLGuj--dUXmd6NaP04l0kETUHC8UH0RoAFomaW_1S7dp3DpBm6rM5Oz2m3VTXrSzUQTYrNJSU1&t=ffffffffa580202a

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 9984
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 04 Sep 2019 20:41:46 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public
Access-Control-Allow-Headers: Content-Type
Expires: Thu, 03 Sep 2020 20:41:46 GMT

GET
H/1.1 200
OK nestbank-logo.png
nestbank.pl/NestBank/media/NestBank/Struktura%20serwisu/ 7 KB
9 KB 71ms
71ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Struktura%20serwisu/nestbank-logo.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

698d4de529adea7d1ee84768978697137241c37d2943478ba63ee27123fbc6c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 13 Nov 2018 09:57:10 GMT
X-XSS-Protection: 1; mode=block
ETag: "09f583e377bd41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 7552
X-Content-Type-Options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
33 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfcfa788ad08ea44373215eb0861bbb4c8dee755d2bb6a76db17223482e5f403

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Sep 2019 21:09:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 33275
x-xss-protection: 0
expires: Wed, 04 Sep 2019 21:09:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1565
date: Wed, 04 Sep 2019 20:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Wed, 04 Sep 2019 22:43:33 GMT

GET
H2 200 hotjar-1222140.js Show response
static.hotjar.com/c/ 6 KB
3 KB 114ms
37ms Script
application/javascript 147.75.83.163
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1222140.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.163 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-1

Software

openresty /

Resource Hash

41bd4b55fdf814524b7cfcaa2628f66ad921736304f2a30f0b91b23dbc17324a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Sep 2019 21:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 38
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 2635
server: openresty
cache-control: max-age=60
x-frame-options: SAMEORIGIN
etag: W/8245c2923fa1fd5434935a25ea2f54bf
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.119
section-io-id: f55cd19cfcc75282ccc63fbcc87323e2
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK Konta_605x605NEST-Ignacy-rece-X-min.jpg
nestbank.pl/NestBank/media/NestBank/Konta%20-%20oficjalne%20grafiki/Konta_605x605/ 30 KB
31 KB 75ms
74ms Image
image/jpeg 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Konta%20-%20oficjalne%20grafiki/Konta_605x605/Konta_605x605NEST-Ignacy-rece-X-min.jpg

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

8e98bc6ff3ddc3d933fa916af6ee8a5cc00e7b6f25db8e04e03d042e5cc23cd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 04 Jun 2019 12:17:42 GMT
X-XSS-Protection: 1; mode=block
ETag: "c71d7c82cf1ad51:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 30464
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK NEST_Nest-Lokata-Witaj_346x326-min.jpg
nestbank.pl/NestBank/media/NestBank/Oszcz%C4%99dno%C5%9Bci%20i%20Inwestycje%20-%20oficjalne%20grafiki/346x326/ 22 KB
23 KB 65ms
65ms Image
image/jpeg 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Oszcz%C4%99dno%C5%9Bci%20i%20Inwestycje%20-%20oficjalne%20grafiki/346x326/NEST_Nest-Lokata-Witaj_346x326-min.jpg

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

e8c7cd2c82e8ec033565f7010aea245df1bf88f7299428071596bc9f41a5c0cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 04 Jun 2019 12:17:43 GMT
X-XSS-Protection: 1; mode=block
ETag: "8ba1183cf1ad51:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 22368
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Nest_gotowka_na_klik_346_326-min.jpg
nestbank.pl/NestBank/media/NestBank/Kredyty%20oficjalne%20grafiki/346x326/ 25 KB
27 KB 63ms
63ms Image
image/jpeg 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kredyty%20oficjalne%20grafiki/346x326/Nest_gotowka_na_klik_346_326-min.jpg

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

bfa849d7aae93c5af196d8ccb1b5979a853b49cbd392e1a0eb7eadd0c47266f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 04 Jun 2019 12:17:44 GMT
X-XSS-Protection: 1; mode=block
ETag: "34e6f83cf1ad51:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 26036
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Nestbank_bankowosc_mobilna_346_326-min.jpg
nestbank.pl/NestBank/media/NestBank/Bankowo%C5%9B%C4%87%20elektroniczna%20-%20oficjalne%20grafiki/346x326/ 21 KB
22 KB 61ms
61ms Image
image/jpeg 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Bankowo%C5%9B%C4%87%20elektroniczna%20-%20oficjalne%20grafiki/346x326/Nestbank_bankowosc_mobilna_346_326-min.jpg

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

25ae758c76521479b032194ac0988356a66cccbd28b5cd664f63a4a5891296fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 04 Jun 2019 12:17:44 GMT
X-XSS-Protection: 1; mode=block
ETag: "9885c783cf1ad51:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 21432
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Nest_skarbonka_356_325.png
nestbank.pl/NestBank/media/NestBank/Oszcz%C4%99dno%C5%9Bci%20i%20Inwestycje%20-%20oficjalne%20grafiki/356x325/ 70 KB
72 KB 73ms
72ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Oszcz%C4%99dno%C5%9Bci%20i%20Inwestycje%20-%20oficjalne%20grafiki/356x325/Nest_skarbonka_356_325.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

0bed64f0dee9ced51c6f329273d213151e899bd600e0f6f11831868c3dc782cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 29 Jul 2019 06:39:30 GMT
X-XSS-Protection: 1; mode=block
ETag: "2dc3fd5fd845d51:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 71886
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK czech.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
2 KB 63ms
62ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/czech.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

d87c3470774af78d1ce5df2c91bec0f7950b472c66ad0d51c5c553601c3d4033

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:08 GMT
X-XSS-Protection: 1; mode=block
ETag: "0e41db0adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1086
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK spadek
nestbank.pl/getmedia/1079abf7-ec60-46b3-ba8b-12b5028e50b8/ 161 B
2 KB 78ms
76ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/1079abf7-ec60-46b3-ba8b-12b5028e50b8/spadek

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

6c8cfcecf509daa3cb6e739125201f2da11659d0f9948deb7dc757441d1744e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="spadek.png"
Content-Length: 161
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 23 Feb 2019 06:24:22 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "2/23/2019 6:24:22 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:38 GMT

GET
H/1.1 200
OK szwecja.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 972 B
2 KB 65ms
62ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/szwecja.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

8d85e92e1225118f4a66a214e6c474ccf2375e5beaef9710b7b6127a8c77e20a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:12 GMT
X-XSS-Protection: 1; mode=block
ETag: "03e80b2adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 972
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK norwegia.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
2 KB 66ms
63ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/norwegia.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

431f43d2082371f7ec0fb013b2b697197aff18c31d7ce5fc56453ea56f0bb663

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
X-XSS-Protection: 1; mode=block
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1067
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK dania.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1004 B
2 KB 76ms
74ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/dania.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

64621744ef4b5ca3f3cc31ff7f6b17cfd9fc87e3deaae9a93be3d7e5a6572a23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:08 GMT
X-XSS-Protection: 1; mode=block
ETag: "0e41db0adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1004
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK rumunia.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 909 B
2 KB 66ms
63ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/rumunia.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

f3109f4279010cd19bca5392b782dd9c0440da72bcbc4ef34e00431afddbad6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
X-XSS-Protection: 1; mode=block
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 909
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK wzrost
nestbank.pl/getmedia/547958e5-d840-4ca5-a392-597a12401e2c/ 154 B
2 KB 78ms
76ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/547958e5-d840-4ca5-a392-597a12401e2c/wzrost

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

6f57c2d49d5f317beed68fd7d4ccad08c4f96f7198a7532db2c35250e08039f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="wzrost.png"
Content-Length: 154
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 23 Feb 2019 06:24:23 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "2/23/2019 6:24:23 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:38 GMT

GET
H/1.1 200
OK wegry.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 867 B
2 KB 63ms
63ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/wegry.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

25be8e779bfca44d1404c54a6b38480d0fc644486e3c9665e846b14ecbcde1e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:12 GMT
X-XSS-Protection: 1; mode=block
ETag: "03e80b2adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 867
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK japan.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 785 B
2 KB 65ms
64ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/japan.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

b36331701bbc2b2847dc10a919d003111a359291aadd5935d15921f5a4524249

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
X-XSS-Protection: 1; mode=block
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 785
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK stany.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
3 KB 73ms
72ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/stany.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

3cc6dadf854a3adcb716879159fbe6748a564c546d962fde0d0d9f4298f48f6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
X-XSS-Protection: 1; mode=block
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1357
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK szwajcaria.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 787 B
2 KB 71ms
71ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/szwajcaria.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

4831b4ad5b53444cd0cace4f2da847605ea51d363400bbefcc5855afd20e7834

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
X-XSS-Protection: 1; mode=block
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 787
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK europa.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
2 KB 72ms
72ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/europa.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

8cdd44c48196c3921bff4dfd4799ecdec1179cacdf579582931eafdb31193a75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:10 GMT
X-XSS-Protection: 1; mode=block
ETag: "0114fb1adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1109
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK uk.png
nestbank.pl/NestBank/media/NestBank/Kursy%20walut/ 1 KB
3 KB 70ms
68ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/NestBank/media/NestBank/Kursy%20walut/uk.png?ext=.png

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

f2f335dcd49d10880c6a74f6403b7571b86b68122fff00dd5e0e195216233fef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 27 Feb 2019 15:04:12 GMT
X-XSS-Protection: 1; mode=block
ETag: "03e80b2adced41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1333
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK phone
nestbank.pl/getmedia/4ce604fb-e783-4c85-adc1-5f262c4b66c3/ 2 KB
4 KB 70ms
70ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/4ce604fb-e783-4c85-adc1-5f262c4b66c3/phone

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

c1bf6f27abe617b4c181dcac6f19dbf68c727b34e446fadb9394207c659aedc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="phone.png"
Content-Length: 2254
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 17:54:53 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/20/2018 5:54:53 PM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:39 GMT

GET
H/1.1 200
OK letter
nestbank.pl/getmedia/3807a5b4-3981-47f2-9b73-ab4d3c811d4a/ 1 KB
2 KB 71ms
71ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/3807a5b4-3981-47f2-9b73-ab4d3c811d4a/letter

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

c57d348c99771c6acda3ebcfde05476cb280aec352be851917b0774313cb63a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="letter.png"
Content-Length: 1037
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 17:54:53 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/20/2018 5:54:53 PM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:39 GMT

GET
H/1.1 200
OK marker
nestbank.pl/getmedia/e664bb43-9970-4344-84eb-ae76950d49a6/ 2 KB
4 KB 80ms
80ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/e664bb43-9970-4344-84eb-ae76950d49a6/marker

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

c391e5ed80467263d2dac3055a008ea70e6d8d1adcf4ee4b9255716f3be918f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="marker.png"
Content-Length: 2206
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 17:54:53 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/20/2018 5:54:53 PM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:39 GMT

GET
H/1.1 200
OK help
nestbank.pl/getmedia/93287e11-e5a0-475a-8659-5ea18c7d11f8/ 2 KB
4 KB 79ms
79ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/93287e11-e5a0-475a-8659-5ea18c7d11f8/help

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

4207a8834a49108a620b320188c08cc3e7bda6a0d8a21d1e8f3fcd9803a52f01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="help.png"
Content-Length: 2432
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 17:54:52 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/20/2018 5:54:52 PM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:39 GMT

GET
H/1.1 200
OK google-play
nestbank.pl/getmedia/1afe2e42-7221-4df4-8115-0e172d737b5d/ 4 KB
5 KB 77ms
77ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/1afe2e42-7221-4df4-8115-0e172d737b5d/google-play

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

09fc6b253a6dcda9ce632eaf1ab674a2dd967c84c59ead2a923a75d9c2b3c5c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="google-play.png"
Content-Length: 3998
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 14 Nov 2018 10:08:43 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/14/2018 10:08:43 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:39 GMT

GET
H/1.1 200
OK app-store
nestbank.pl/getmedia/b9bfd39e-bc9a-488d-9909-bd3a2123b690/ 4 KB
5 KB 74ms
73ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/b9bfd39e-bc9a-488d-9909-bd3a2123b690/app-store

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

8519253787cc3c1e2f4c4ce708408abea0435b7064232495dc37cf6c7751d55f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="app-store.png"
Content-Length: 3587
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 14 Nov 2018 10:08:43 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/14/2018 10:08:43 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:39 GMT

GET
H/1.1 200
OK cookie
nestbank.pl/getmedia/b440e91a-1f91-4cd1-9bf5-ff0768912ae5/ 3 KB
4 KB 102ms
66ms Image
image/png 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/getmedia/b440e91a-1f91-4cd1-9bf5-ff0768912ae5/cookie

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

953c16dcfd4919912843903ad0a83777a71e33da9a8bf1a93b6fa4cef07299f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Content-Disposition: inline; filename="cookie.png"
Content-Length: 2842
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Nov 2018 07:28:31 GMT
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: public, must-revalidate
ETag: "11/22/2018 7:28:31 AM"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Wed, 04 Sep 2019 21:09:39 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 56 KB
21 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TFCNM42&t=gtm2&cid=247937804.1567631378

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2bf19079fe294d35705c186017ba201671de01f0168af66292ad324180e7b84

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Sep 2019 21:09:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 21576
x-xss-protection: 0
expires: Wed, 04 Sep 2019 21:09:38 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 7ms
6ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=851056467&t=pageview&_s=1&dl=https%3A%2F%2Fnestbank.pl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEADQ~&jid=1751298179&gjid=593099251&cid=247937804.1567631378&tid=UA-84885901-4&_gid=366312673.1567631378&gtm=2wg8l2WJHPTHT&cg1=&cd1=&cd2=false&z=356195092

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2019 03:29:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 582005
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-84885901-4&cid=247937804.1567631378&jid=1751298179&gjid=593099251&_gid=366312673.1567631378&_u=YGBAgEADQ~&z=1541556257
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=247937804.1567631378&jid=1751298179&_v=j79&z=1541556257

0
0

GET
H2 200 modules.006e5402d1341dbb34b1.js Show response
script.hotjar.com/ 426 KB
72 KB 109ms
41ms Script
application/javascript 147.75.32.75
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.006e5402d1341dbb34b1.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1222140.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.75 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-9
Software: /
Resource Hash: 9cfc50c0a06e80ec3cd0214a772420c417a93e0cf5b780530f40e59462461871

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Sep 2019 21:09:39 GMT
content-encoding: br
last-modified: Wed, 04 Sep 2019 10:51:12 GMT
status: 200
etag: "9273580f887a1a7d1a946791658fd293"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.086
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 9c4c9707a4c71b39973801201876bf79
content-length: 72916

GET
H2 200 B20858496.216254122;sz=1x2;ord=1981482194;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/adj/N9439.197812NSO.CODESRV/ 7 KB
3 KB 77ms
76ms Script
text/javascript 172.217.16.198
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N9439.197812NSO.CODESRV/B20858496.216254122;sz=1x2;ord=1981482194;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

3e4cbb082f67f64b97fe323d09724b57b71dcf0012990a124a448b601efe3bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Sep 2019 21:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2524
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK check.svg
nestbank.pl/App_Themes/NestBank/images/svg/ 1 KB
2 KB 85ms
69ms Image
image/svg+xml 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/App_Themes/NestBank/images/svg/check.svg?kjHmb

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

11a81ffecd8b8c0f67661b5c21d2005f177ec7b4c3c9146470819fe5b5a3741b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 18:22:12 GMT
X-XSS-Protection: 1; mode=block
ETag: "022a3f4fd80d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1028
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK small-arrow-right.svg
nestbank.pl/App_Themes/NestBank/images/svg/ 1 KB
2 KB 84ms
70ms Image
image/svg+xml 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nestbank.pl/App_Themes/NestBank/images/svg/small-arrow-right.svg?29PRG

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

047d0fc4451fb67490dab3296ba22d112cd05e1504abf60dfe0f1eda73db8e4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 20 Nov 2018 18:22:12 GMT
X-XSS-Protection: 1; mode=block
ETag: "022a3f4fd80d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 1107
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK lato-regular-webfont.woff2
nestbank.pl/App_Themes/NestBank/statics/fonts/lato/ 21 KB
23 KB 87ms
61ms Font
application/font-woff2 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/statics/fonts/lato/lato-regular-webfont.woff2?3-tUS

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

c67cac87953aa5ab7427b1ea39da576190d2e2fd06f0b00d288c7dadb6d2baef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
Origin: https://nestbank.pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 08 Jan 2019 15:42:14 GMT
X-XSS-Protection: 1; mode=block
ETag: "04f6ba68a7d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 21860
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK lato-bold-webfont.woff2
nestbank.pl/App_Themes/NestBank/statics/fonts/lato/ 20 KB
21 KB 88ms
62ms Font
application/font-woff2 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/statics/fonts/lato/lato-bold-webfont.woff2?2_Hxv

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

5824aea78dcee0f48c3f4e29ddf336419a10f482089ddc52663151f5313babe1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
Origin: https://nestbank.pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 08 Jan 2019 15:42:14 GMT
X-XSS-Protection: 1; mode=block
ETag: "04f6ba68a7d41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 20660
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK IconFont.woff
nestbank.pl/App_Themes/NestBank/fonts/ 4 KB
6 KB 86ms
61ms Font
application/x-font-woff 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/App_Themes/NestBank/fonts/IconFont.woff?4DyxU

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

81e081d72405af4c18b19f26b74b94de0e110c66e79b0d7bdf173e1671c5e33b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://nestbank.pl/App_Themes/NestBank/css/app.css
Origin: https://nestbank.pl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 08 Apr 2019 21:57:14 GMT
X-XSS-Protection: 1; mode=block
ETag: "0593f656eed41:0"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Date: Wed, 04 Sep 2019 21:09:21 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 4508
X-Content-Type-Options: nosniff

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
5ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=851056467&t=pageview&_s=1&dl=https%3A%2F%2Fnestbank.pl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=1169632464&gjid=2022545045&cid=247937804.1567631378&tid=UA-84885901-1&_gid=366312673.1567631378&gtm=2wg8l2WJHPTHT&cg1=&cd1=&cd2=false&z=638938658

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2019 03:29:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 582005
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-84885901-1&cid=247937804.1567631378&jid=1169632464&gjid=2022545045&_gid=366312673.1567631378&_u=aGDAgEADQ~&z=87014768
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-1&cid=247937804.1567631378&jid=1169632464&_v=j79&z=87014768

0
0

GET ga-audiences
www.google.de/ads/ 0
0

GET
H/1.1 200
OK active Show response
nestbank.pl/api/alert/ 4 B
1 KB 95ms
88ms XHR
application/json 193.105.248.157
NESTBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://nestbank.pl/api/alert/active

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/App_Themes/NestBank/scripts/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.105.248.157 Warsaw, Poland, ASN196999 (NESTBANK, PL),

Reverse DNS

rev-193.105.248.157.fmbank.pl

Software

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://nestbank.pl/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self' *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io; img-src 'self' data: blob: *.googletagmanager.com *.google-analytics.com *.google.com *.google.pl *.gstatic.com *.doubleclick.net; font-src 'self' data: *.googleapis.com *.gstatic.com; style-src 'self' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.nestbank.pl *.googletagmanager.com *.google-analytics.com *.google.com *.googleadservices.com *.doubleclick.net *.hotjar.com; child-src 'self' blob: *.nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com *.hotjar.com *.hotjar.io;
X-Content-Type-Options: nosniff
Date: Wed, 04 Sep 2019 21:09:21 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Paging-Headers
Cache-Control: no-cache
Access-Control-Allow-Headers: Content-Type
Content-Length: 4
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Expires: -1

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame F5E8 0
0 115ms
40ms Document
text/html 147.75.84.99
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1222140.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://nestbank.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://nestbank.pl/

Response headers

status: 200
date: Wed, 04 Sep 2019 21:09:39 GMT
content-type: text/html
content-length: 787
cache-control: max-age=31536000
content-encoding: br
last-modified: Mon, 12 Aug 2019 16:41:40 GMT
etag: "5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.052
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 0a541fe17ea7e32531a9d97d17526ada

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
277 B 54ms
53ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8gqZvahABo8rPRPazSREtSrufly9Cyw7cmF0U0HUbYbpm6p-Zyt9auA71t3RPhgVZK4kg7jKeiB4ZkGm_JJIDHSjHrFGQCMI0o21VVqtTFxH4d05llHOO&sig=Cg0ArKJSzMskXf5l_LphEAE&urlfix=1&adurl=

Requested by

Host: nestbank.pl
URL: https://nestbank.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 Sep 2019 21:09:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Sep 2019 21:09:38 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 191ms
69ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHPTHT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Sep 2019 21:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9166
x-xss-protection: 0
server: cafe
etag: 9427867564825067918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Sep 2019 21:09:39 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=851056467&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnestbank.pl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-84885901-4&cid=247937804.1567631378&jid=1858552614&_gid=366312673.1567631378&gjid=1900536372&_v=j79&z=829921393
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=247937804.1567631378&jid=1858552614&_v=j79&z=829921393

0
0

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819543010/ 2 KB
1 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819543010/?random=1567631379432&cv=9&fst=1567631379432&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnestbank.pl%2F&tiba=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad03c72d9319841c4787f868d40bd4c18e573079996e861fe1f2b4715ce2952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Sep 2019 21:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 971
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819543010/ 42 B
112 B 21ms
21ms Image
image/gif 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819543010/?random=1567631379432&cv=9&fst=1567630800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2Fnestbank.pl%2F&tiba=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&async=1&fmt=3&is_vtc=1&random=1377155434&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://nestbank.pl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Sep 2019 21:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/819543010/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=247937804.1567631378&jid=1751298179&_v=j79&z=1541556257

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-1&cid=247937804.1567631378&jid=1169632464&_v=j79&z=87014768

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=247937804.1567631378&jid=1751298179&_v=j79&z=1541556257&slf_rd=1&random=4035830279

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-1&cid=247937804.1567631378&jid=1169632464&_v=j79&z=87014768&slf_rd=1&random=1348617641

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=247937804.1567631378&jid=1858552614&_v=j79&z=829921393

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-84885901-4&cid=247937804.1567631378&jid=1858552614&_v=j79&z=829921393&slf_rd=1&random=398338710

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/819543010/?random=1567631379432&cv=9&fst=1567630800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2Fnestbank.pl%2F&tiba=Lokaty%2C%20kredyty%2C%20konta%20bankowe%20i%20oszcz%C4%99dno%C5%9Bciowe%20%7C%20Nest%20Bank&async=1&fmt=3&is_vtc=1&random=1377155434&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nestbank.pl/	1970-01-19 03:27:11	Name: _dc_gtm_UA-84885901-4 Value: 1
.nestbank.pl/	1970-01-19 03:28:37	Name: _gid Value: GA1.2.366312673.1567631378
.nestbank.pl/	1970-01-19 12:12:47	Name: _hjid Value: a3e59dbe-596e-4bf1-a4e3-c72a746447b5
.nestbank.pl/	1970-01-19 20:58:23	Name: _ga Value: GA1.2.247937804.1567631378
nestbank.pl/	1969-12-31 23:59:59	Name: SESSION Value: !K1HbnzmtHuYY4+ZXL2R7O3iEjyQFvjuzvpbABuPJlpqUmKgU0HpfVA/8CAgQW9geZciaO1JGLj2OH/c=
nestbank.pl/	1969-12-31 23:59:59	Name: Nestbank_SessionId Value: xmzn3ddmmblcg3so2cmsie3a
nestbank.pl/	1969-12-31 23:59:59	Name: CMSCsrfCookie Value: J/R6I2ibfNGL/dHgVZidMiRDFtizfiyd9MlwY/Uy
nestbank.pl/	1969-12-31 23:59:59	Name: scrpt Value: 1
.nestbank.pl/	1969-12-31 23:59:59	Name: ARRAffinity Value: a4b97459f90b4bea1372963ae671ef32436fdac5a1609ccc33d489656c4949b0
.nestbank.pl/	1970-01-19 03:27:11	Name: _dc_gtm_UA-84885901-1 Value: 1
nestbank.pl/	1970-01-19 12:14:13	Name: CMSPreferredCulture Value: pl-PL

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .google.com .googletagmanager.com .hotjar.com .hotjar.io; img-src 'self' data: blob: .googletagmanager.com .google-analytics.com .google.com .google.pl .gstatic.com .doubleclick.net; font-src 'self' data: .googleapis.com .gstatic.com; style-src 'self' 'unsafe-inline' .google.com .gstatic.com .googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .nestbank.pl .googletagmanager.com .google-analytics.com .google.com .googleadservices.com .doubleclick.net .hotjar.com; child-src 'self' blob: .nestbank.pl https://api.maptiler.com https://maps.tilehosting.com https://api.mapbox.com https://www.youtube.com .hotjar.com .hotjar.io;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
nestbank.pl
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.nestbank.pl
www.google.com
www.google.de
147.75.32.75
147.75.83.163
147.75.84.99
172.217.16.198
172.217.18.98
193.105.248.157
216.58.206.2
2a00:1450:4001:819::2008
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2002
2a00:1450:4001:825::200e
047d0fc4451fb67490dab3296ba22d112cd05e1504abf60dfe0f1eda73db8e4e
09fc6b253a6dcda9ce632eaf1ab674a2dd967c84c59ead2a923a75d9c2b3c5c7
0ad03c72d9319841c4787f868d40bd4c18e573079996e861fe1f2b4715ce2952
0bed64f0dee9ced51c6f329273d213151e899bd600e0f6f11831868c3dc782cd
11a81ffecd8b8c0f67661b5c21d2005f177ec7b4c3c9146470819fe5b5a3741b
25ae758c76521479b032194ac0988356a66cccbd28b5cd664f63a4a5891296fd
25be8e779bfca44d1404c54a6b38480d0fc644486e3c9665e846b14ecbcde1e7
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3cc6dadf854a3adcb716879159fbe6748a564c546d962fde0d0d9f4298f48f6a
3e4cbb082f67f64b97fe323d09724b57b71dcf0012990a124a448b601efe3bc0
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41bd4b55fdf814524b7cfcaa2628f66ad921736304f2a30f0b91b23dbc17324a
4207a8834a49108a620b320188c08cc3e7bda6a0d8a21d1e8f3fcd9803a52f01
431f43d2082371f7ec0fb013b2b697197aff18c31d7ce5fc56453ea56f0bb663
4831b4ad5b53444cd0cace4f2da847605ea51d363400bbefcc5855afd20e7834
5824aea78dcee0f48c3f4e29ddf336419a10f482089ddc52663151f5313babe1
640efc59b1019aad72a66017bda124cecd41bad309ad11cae3c7c1dd63c0a9fe
64621744ef4b5ca3f3cc31ff7f6b17cfd9fc87e3deaae9a93be3d7e5a6572a23
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
681594d2caea771fae13fe7bf4eadbdbd1df44865e4cc13b29812f2107774672
698d4de529adea7d1ee84768978697137241c37d2943478ba63ee27123fbc6c2
6c8cfcecf509daa3cb6e739125201f2da11659d0f9948deb7dc757441d1744e7
6f57c2d49d5f317beed68fd7d4ccad08c4f96f7198a7532db2c35250e08039f0
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
81e081d72405af4c18b19f26b74b94de0e110c66e79b0d7bdf173e1671c5e33b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8519253787cc3c1e2f4c4ce708408abea0435b7064232495dc37cf6c7751d55f
8cdd44c48196c3921bff4dfd4799ecdec1179cacdf579582931eafdb31193a75
8d85e92e1225118f4a66a214e6c474ccf2375e5beaef9710b7b6127a8c77e20a
8e98bc6ff3ddc3d933fa916af6ee8a5cc00e7b6f25db8e04e03d042e5cc23cd6
92b8c73dd6c5a2148f4cddf17a29b696b4fb14ca9a7d3ca5368e66e3a2d13040
953c16dcfd4919912843903ad0a83777a71e33da9a8bf1a93b6fa4cef07299f3
9cfc50c0a06e80ec3cd0214a772420c417a93e0cf5b780530f40e59462461871
b36331701bbc2b2847dc10a919d003111a359291aadd5935d15921f5a4524249
b5c2ec69838035adb3bebe6e6075cb4691845890dec61124e3cbbce6977709d6
bfa849d7aae93c5af196d8ccb1b5979a853b49cbd392e1a0eb7eadd0c47266f9
bfcfa788ad08ea44373215eb0861bbb4c8dee755d2bb6a76db17223482e5f403
c1bf6f27abe617b4c181dcac6f19dbf68c727b34e446fadb9394207c659aedc6
c391e5ed80467263d2dac3055a008ea70e6d8d1adcf4ee4b9255716f3be918f5
c57d348c99771c6acda3ebcfde05476cb280aec352be851917b0774313cb63a3
c67cac87953aa5ab7427b1ea39da576190d2e2fd06f0b00d288c7dadb6d2baef
d2bf19079fe294d35705c186017ba201671de01f0168af66292ad324180e7b84
d87c3470774af78d1ce5df2c91bec0f7950b472c66ad0d51c5c553601c3d4033
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c7cd2c82e8ec033565f7010aea245df1bf88f7299428071596bc9f41a5c0cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f335dcd49d10880c6a74f6403b7571b86b68122fff00dd5e0e195216233fef
f3109f4279010cd19bca5392b782dd9c0440da72bcbc4ef34e00431afddbad6c

nestbank.pl Open in urlscan Pro 193.105.248.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

88 %HTTPS

36 %IPv6

8 Domains

13 Subdomains

12 IPs

5 Countries

899 kBTransfer

2625 kBSize

11 Cookies

9 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nestbank.pl Open in urlscan Pro
193.105.248.157 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

88 %
HTTPS

36 %
IPv6

8
Domains

13
Subdomains

12
IPs

5
Countries

899 kB
Transfer

2625 kB
Size

11
Cookies

59 HTTP transactions
0 data transactions