main.d3uat5wlchtbd9.amplifyapp.com Open in urlscan Pro
52.84.251.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Submission: On March 05 via manual (March 5th 2023, 2:50:41 pm UTC) from ZA — Scanned from AU

Summary HTTP 58 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 58 HTTP transactions. The main IP is 52.84.251.58, located in United States and belongs to AMAZON-02, US. The main domain is main.d3uat5wlchtbd9.amplifyapp.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 3rd 2023. Valid for: a year.

This is the only time main.d3uat5wlchtbd9.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	52.84.251.58 52.84.251.58	16509 (AMAZON-02) (AMAZON-02)
4	196.11.125.154 196.11.125.154	37028 (FNBCONNECT) (FNBCONNECT)
2	74.125.68.97 74.125.68.97	15169 (GOOGLE) (GOOGLE)
1 11	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
1	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
1	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
1 2	142.250.4.155 142.250.4.155	15169 (GOOGLE) (GOOGLE)
3	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
1 1	172.217.194.154 172.217.194.154	15169 (GOOGLE) (GOOGLE)
2 2	74.125.24.105 74.125.24.105	15169 (GOOGLE) (GOOGLE)
58	9

35 52.84.251.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-58.sin5.r.cloudfront.net

main.d3uat5wlchtbd9.amplifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 196.11.125.154 (South Africa)

ASN37028 (FNBCONNECT, ZA)
PTR: www.online.fnb.co.za

www.online.fnb.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.239.36.178 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.105 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	amplifyapp.com main.d3uat5wlchtbd9.amplifyapp.com	299 KB
11	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 30	91 KB
4	fnb.co.za www.online.fnb.co.za	7 KB
3	google.com.au www.google.com.au — Cisco Umbrella Rank: 24577	625 B
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	2 KB
3	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 310 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	169 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	28 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	2 KB
58	9

	Domain	Requested by
35	main.d3uat5wlchtbd9.amplifyapp.com	main.d3uat5wlchtbd9.amplifyapp.com
11	www.google-analytics.com	1 redirects main.d3uat5wlchtbd9.amplifyapp.com
4	www.online.fnb.co.za	main.d3uat5wlchtbd9.amplifyapp.com
3	www.google.com.au	main.d3uat5wlchtbd9.amplifyapp.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	main.d3uat5wlchtbd9.amplifyapp.com www.googletagmanager.com
1	googleads.g.doubleclick.net	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	connect.facebook.net	main.d3uat5wlchtbd9.amplifyapp.com
1	www.googleadservices.com	www.googletagmanager.com
58	11

This site contains links to these domains. Also see Links.

Domain
www.fnb.co.za

Subject Issuer	Validity	Valid
*.d3uat5wlchtbd9.amplifyapp.com Amazon RSA 2048 M02	`2023-03-03` - `2024-04-01`	a year	crt.sh
www.fnb.co.za Entrust Certification Authority - L1M	`2022-05-09` - `2023-06-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-12`	2 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Frame ID: 239CD303F4D4EB84DD359333BDF7651B
Requests: 35 HTTP requests in this frame

Frame: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/blankpage.html
Frame ID: 0A33FDE9DB9107A5237AF6C9A68BA512
Requests: 1 HTTP requests in this frame

Frame: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html
Frame ID: 82EC904995B423DE5D9CBCD36BF8C975
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Banking

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

97 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

597 kB
Transfer

1786 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fnb.co.za/
Title: www.FNB.co.za

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923716104/?random=31357932&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&ref=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&value=0&auid=1390330655.1678027836&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PawEZJT7Hf614t4Pg9-_uAs&sscte=1&crd=&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsQ6AnKxIRQt0gNI_cw1F8Q2ybOogwd6a3E&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUno3bXc3QmZFRUJMel96WmNkUjM5WFR6U3NhT1JWQ0ZOTWQ2N0RGWGJiSWpRGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxva3pxbUxBQUtyYlZ5LXUxNl9IMzNYRFJaRFpWSXYzXzlzSmJ6TlJZS1Q5WTI0c0Jvdjd1dzlP HTTP 302
https://www.google.com/pagead/1p-conversion/923716104/?random=31357932&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&ref=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&value=0&auid=1390330655.1678027836&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUno3bXc3QmZFRUJMel96WmNkUjM5WFR6U3NhT1JWQ0ZOTWQ2N0RGWGJiSWpRGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxva3pxbUxBQUtyYlZ5LXUxNl9IMzNYRFJaRFpWSXYzXzlzSmJ6TlJZS1Q5WTI0c0Jvdjd1dzlP&is_vtc=1&ocp_id=PawEZJT7Hf614t4Pg9-_uAs&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsQFB7xk4CztKB0E72KStIx6e9RRIICsJUQ&random=3910912296 HTTP 302
https://www.google.com.au/pagead/1p-conversion/923716104/?random=31357932&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&ref=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&value=0&auid=1390330655.1678027836&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUno3bXc3QmZFRUJMel96WmNkUjM5WFR6U3NhT1JWQ0ZOTWQ2N0RGWGJiSWpRGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxva3pxbUxBQUtyYlZ5LXUxNl9IMzNYRFJaRFpWSXYzXzlzSmJ6TlJZS1Q5WTI0c0Jvdjd1dzlP&is_vtc=1&ocp_id=PawEZJT7Hf614t4Pg9-_uAs&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsQFB7xk4CztKB0E72KStIx6e9RRIICsJUQ&random=3910912296&ipr=y&prhg=0

Request Chain 49

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2FOnline%2520Banking_files%2Fga_bridge.html&el=25&ev=0&_u=aGDAAEADU~&jid=1083300282&gjid=1894009374&cid=513865239.1678027836&tid=UA-5815571-8&_gid=628737242.1678027836&_r=1&gtm=2wg941KH76K8&cd1=513865239.1678027836&z=1831629518 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5815571-8&cid=513865239.1678027836&jid=1083300282&_gid=628737242.1678027836&gjid=1894009374&_v=j79&z=1831629518 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=513865239.1678027836&jid=1083300282&_v=j79&z=1831629518 HTTP 302
https://www.google.com.au/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=513865239.1678027836&jid=1083300282&_v=j79&z=1831629518&slf_rd=1&random=2643247354

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html Show response
main.d3uat5wlchtbd9.amplifyapp.com/ 42 KB
9 KB 891ms
478ms Document
text/html 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f3892aa3a68dc73f1ccb1549dd05f14a5949980f03d40a74afa0da02af8ee0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Sun, 05 Mar 2023 14:50:34 GMT
etag: W/"bd7bf8eebb96f801c4355606f8332515"
last-modified: Fri, 03 Mar 2023 06:44:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
x-amz-cf-id: Pxf1PUh52AXX6r1_NN3hMdn4whIldQ3ZtxTIgI7GDErrJsSStSAEsA==
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 reset.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 1 KB
971 B 466ms
460ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/reset.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c190330a5ba709d97f6d2bc4a40f60dee9e99c4af9e906c7df22898c6945a9d9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"03c8905d71b46df1c9a73a1d17397ecc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: nTcm4FKPB78Hag1RdESMDzwjItbX8toJ0oZXXhGQil2-1Ef9O_gjvw==

GET
H2 200 initials_combined.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 45 KB
9 KB 502ms
495ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/initials_combined.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f3fcd835ce63ee79223ba7894c8997ebb29b0d51662350695585bbc9ebfa47e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"c50a8f89b672c97e5eaacdd5ff1f6eb3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: -zHUYAlCJdzWeEsqUNDSsY5mO7wfXvzuGHVrm8DXd28-Ob8xflMksg==

GET
H2 200 frame_combined.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 15 KB
4 KB 683ms
676ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/frame_combined.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd1879ddf5566fac5cb6da123531ea880c4ef2325ecdb14f096e96eafc4ba432

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"a0c7c10819286a6ce82f98dd9d4a1278"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: Yw1jcnovL_7X3K8B-9wIawwn4X1yfmoXiFyBHKR_A5Tetc2OUPJ-Hg==

GET
H2 200 forms_combined.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 38 KB
7 KB 523ms
517ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/forms_combined.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d70b2437043890e166b4ccdd263de560424b957dccd5d244c601dc06a10507d1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"79bc68d5c0e5c274ae596b57e406469d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: -PsjQiqP0wVNtV9lO6JInGdVx7xtPdxhB-gWvGGCHfCABujIlQhY6A==

GET
H2 200 markup_combined.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 16 KB
3 KB 677ms
671ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/markup_combined.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6641533ea642ceea235b8091b17f4fb2ea4b2b90c5cf3fb8373a596c2eddd094

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"296bbe900a307c1c00d19f0e16f0a22e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: q_AClIJhxHapHz1yUAGxHDEwVXYlbhd8YVvI_y93pOonKrJFnewD3g==

GET
H2 200 utils_combined.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 36 KB
7 KB 546ms
540ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/utils_combined.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1623b3486d1a6d83c620d57229ec894b6c984c200a4237c57877ba73bb06daac

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"32ceaf85a4cb0c049fedc208c070d2c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: dzuS0avxSIUh87mMm5knlvgkF12BFKvnXpuMczctuztOBKrZkY1QQg==

GET
H2 200 instantSales.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 17 KB
3 KB 545ms
539ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/instantSales.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5df5e2df58451fd5fe182895bee45dbd9c65792bbf93203362f7ab70ca81a5f7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"cb71e7f72d74d8ec06ad5b91d730134f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 7Utijli8bqbgl-lmzMtuYq9b8W9eekDVgoVdy0fETVkT2qG7ksbHbQ==

GET
H2 200 final_combined.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 853 B
1 KB 687ms
681ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/final_combined.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9553327130e497d2e9685c74851ffeac2c23d33998d47818c552ab2ecddb84c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "d919cd16a3efc35ef234f608f168ddef"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 853
x-amz-cf-id: TOKXbZa-i8DKfdPZ2SGnVrCivqFkYATyEGcqJsrHFcIVw8To7ZEn_A==

GET
H2 200 skin.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 12 KB
3 KB 500ms
494ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/skin.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2d90fd246736c8c795a54f84ee67f7b1ace8b672308f7da17ef99fd13b7180

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"4ae0360f16945aae4c32a6f389c456b4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: wHRI8a4kVDVuO--gAMnUJTc4zPGZG6Jl9L2jA8s9c3gga0JNx1-2-A==

GET
H2 200 icons.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 98 KB
11 KB 471ms
466ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/icons.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c409f409e226d9627a73788ebb7075d2aac225fc32b627e0817cc8ac1a58ad0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"60d7c31bc0202e5e020faad3f26048a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: kjjmIBMaOoLqx6NLgEg0sJpgZpeQYlvMcPwqeC2kgFe8Kr6UZqGgWg==

GET
H2 200 stylesheet_002.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 3 KB
791 B 924ms
919ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/stylesheet_002.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f2f49f02ef060ef019df5cdce2b25365d89bd5ad3bebd460c8db54e3af7320a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"a0f9b67caadc1d42dd92a957f368e41a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: yqp-EA4AYKImVTpxxCzcPRsrVzON9sCDPRWAnHDuyOV5q1wvzUifog==

GET
H2 200 dashBoardLayout.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 5 KB
1 KB 686ms
682ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/dashBoardLayout.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af7f1b0834d98245ad0ed6eebc023e3c583d289921f3306e142ec196935f683e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"658f61eb3a8b9fc37a0a7feb9a3d39be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: x5rde4nDg_7yWcHp0CyB4G8ahBUGE-UPBlOxJa_l6DLz263L_yxeuA==

GET
H2 200 reset_002.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 920 B
1 KB 1328ms
1323ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/reset_002.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3645b11132dd905d0bf1131bce0da3debce080dcf805f917a947d6c73e96350

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:36 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "edeb5ed0ba919e881be1ff321ea7a196"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 920
x-amz-cf-id: cTvBC7_epoG2lVJRt5NELYCgX6V5lqWgZ8JCdUnckTy2eGdOBhIxpQ==

GET
H2 200 topMenu.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 5 KB
2 KB 920ms
916ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/topMenu.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8bebf7da93d1297de1b66bbd2f12efda07a0cdff503d4809696643cc4be0fd75

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"f5ce2c65b9a87e93bcabf89810661ae6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: DplBxkcSTkBlad6zZZZPLXK6YJKh5JVFJdpqaJPcMYQbK2igMHiu6Q==

GET
H2 200 core.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 184 KB
35 KB 692ms
688ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/core.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41b88e2de50153634651fbae3bead31d89a469955593d45776be466cd0c97aa3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"4b48a9effea6c5ebead15aa5b250de22"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: rsWQd-TchdkK7SxzN5dNKiOmISfiwKlruS2XQy_dAt7dJIXWyy8z1g==

GET
H2 200 nonGlobal.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 22 KB
6 KB 903ms
899ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/nonGlobal.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c83c5a306aa168493c67f809fa030f3e43868748306b47c73b33346c79b242c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"e8ae214ecffa06119a1ca55314a4141e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: EFao-QyROkxc9cPVN8RsVpPqYvhLD_REcITBhul3_H_sdHp9CsbrEQ==

GET
H2 200 print.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 18 KB
4 KB 930ms
927ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/print.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 770f85165e765e17bb4fe7b1b18f942e3a4194825326038a2acf25b8ed12f053

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"602653c466e3d67ffd340a5b96d447b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: bCtBeAUibBDuiYlRFhLi7d7KvSsM69k2HLH_5NCHhmqNV0e4QOaL-w==

GET
H2 200 mobile.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 315 B
691 B 923ms
920ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/mobile.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "a34ac19f4afae63adc5d2f7bc970c07f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 315
x-amz-cf-id: l5GxG2kKyjTft5yzhtmAJmWZOQDH-mrhOAUgR18eim42T_bkVuot9g==

GET
H2 200 stylesheet.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 4 KB
730 B 766ms
763ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/stylesheet.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83e8b1885442e959b06d9dba3a43af5866af1965f6a79c604f587ec6dbb32569

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"cbd49b852b99fb2ff66ea2d3b59674a3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 9GupymrFYw-QNBSiMLdPQC4bGF0D1PaRDo1nAdBVYNxRiabMb1peEg==

GET
H2 200 jquery.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 508 B
884 B 690ms
687ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/jquery.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19dbb085d719a24a541c85d34d9800f3136b07b65bf6038e7f11f0157ff048ca

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "a8f000ee9d157a83b9f92474639b02ba"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 508
x-amz-cf-id: WX3bfc_hOSqimmwBiDrRkq6m5Q11RHdlgnNVl34U63AnfYa6F4yr9w==

GET
H2 200 applet.css
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 149 B
527 B 691ms
688ms Stylesheet
text/css 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/applet.css
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b978a7900b1ea0965aa1eaffb657fe7175e14439f74ca127906754992684bea

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "6d9a090ffb18774f97e2b9f4aa1f3dc2"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 149
x-amz-cf-id: RcbHa-htt0WLiPvZ7_mowDxR9ScE9vzwjI8ovOh0FC-M5B0fhPyb8Q==

GET
H2 200 jquery.min.js Show response
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 95 KB
33 KB 685ms
682ms Script
application/javascript 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/jquery.min.js
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"4f252523d4af0b478c810c2547a63e19"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: FSk-q2ingkCS2DT6d-3cielVQ9KfdHK2rdxaM8q6rGYx84We-8qoyw==

GET
H2 200 none.php Show response
main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/ 7 KB
7 KB 918ms
915ms Script
application/x-httpd-php 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/none.php
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31a4bcb881fd4f9e40e1e4431f0f55f8ca5be0a1bd17e498b3da1a6897af0d0a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "44e00adfb2467d48d6cda54fb341c417"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/x-httpd-php
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 6775
x-amz-cf-id: QHD4CASjKqEp9PoOLmyZsRi0H-WdNrjGH9jT2fEsc1YbkkFhtoJ_Ow==

GET
H2 200 print-logo.jpg
main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ 11 KB
11 KB 470ms
469ms Image
image/jpeg 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/print-logo.jpg
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ce488a49ee0c7d38c742d530ed163266899cb6e83f8a63a03de4dd7078c3e80

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:36 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "ecdeb3d2eaec0e026d2ea88521c853e8"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 11110
x-amz-cf-id: qy3r0M-sla2DKe14Es4Vk7tCuWZH8IsWJ7CQcaejOBK4jMxXXsO_RA==

GET
H2 200 mark.png
main.d3uat5wlchtbd9.amplifyapp.com/ 778 B
1 KB 461ms
460ms Image
image/png 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/mark.png
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03360e2229e27725405eb79db637399f3d96792ce0595adba70fc40ea02486aa

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:36 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "13219210688913f7d63e1bde1b54586d"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 778
x-amz-cf-id: gBLSNPLvN4IMbsuNOvqACH3bNc48VlkTlzgzAF3BxW9cA6fKmDh9XA==

GET
H2 200 tick.JPG
main.d3uat5wlchtbd9.amplifyapp.com/ 8 KB
8 KB 530ms
529ms Image
image/jpeg 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/tick.JPG
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a279ecd289dec3ca7d8910f9b942ad787d5c72d70bdedc2b097f2c2d3c8cbf3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:36 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:46 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "f241d34e3829b280325ded72030932e3"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 8303
x-amz-cf-id: i-AQxAurFm-AiQwIxQLsFvmQub2h2yjgVXLX7E6Vlap09eYxMTSyug==

GET
H2 200 confirm.png
main.d3uat5wlchtbd9.amplifyapp.com/ 60 KB
61 KB 475ms
475ms Image
image/png 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/confirm.png
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50402915f33f8a4d7e02b43f804185ab5c77619aa637b0284fab4beba55c9b56

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:36 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "8a54e9e051a63353b2ddc84dcae29a25"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 61662
x-amz-cf-id: 1mGM9TnadXSdEh6kml-LwAvbiOX-XrCo3CnOxfjLgkooUqQE0RGjXQ==

GET
H2 200 init.js Show response
main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ 723 B
1 KB 522ms
521ms Script
application/javascript 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/init.js
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 076c7efc87c1b71f280205e1f993ec26d104df08dcd13aee7a77897f2971beca

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:36 GMT
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: "6694cca77b7c31fdd21b576c94891fb3"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
content-length: 723
x-amz-cf-id: 6HOG4SSvDfivsjjr79UYwwKFUPsuz2ZjwMVFDl_A_COvCfd4QAUdkQ==

GET
H2 200 blankpage.html Show response
main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ Frame 0A33 107 B
484 B 530ms
529ms Document
text/html 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/blankpage.html
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1df25d4bd4693b4d105b6aa0bbe82a9cb141b9db9e1285b4e0610ea53e378bc9

Request headers

Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=0, s-maxage=2
content-length: 107
content-type: text/html
date: Sun, 05 Mar 2023 14:50:36 GMT
etag: "0b2a6e4cbbb4e1e5c2c2baea38e61fcb"
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
x-amz-cf-id: _u4GWusU1YOdyLQhns8MswUbnpdK0ELsGSziv0n2wZVLFn5hm1w0WA==
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H/1.1 200
OK settings.png
www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/ 1 KB
2 KB 2173ms
543ms Image
image/png 196.11.125.154
FNBCONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/settings.png?v=12345678

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/initials_combined.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

196.11.125.154 , South Africa, ASN37028 (FNBCONNECT, ZA),

Reverse DNS

www.online.fnb.co.za

Software

IIS / Sun One

Resource Hash

f61309b5ff0c44dc567d72ce14e72ef151c88a5397a27dc1b131c8cc77272993

Security Headers

Name

Value

Content-Security-Policy

frame-src 'self' *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;

Strict-Transport-Security

max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: frame-src 'self' *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;
Strict-Transport-Security: max-age=31536000
Date: Sun, 05 Mar 2023 14:50:37 GMT
Last-Modified: Sat, 08 Oct 2022 00:29:15 GMT
Server: IIS
ETag: "41e-5ea7b04335867"
X-Powered-By: Sun One
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1054
X-UA-Compatible: IE=EDGE

GET
H/1.1 200
OK mail.png
www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/ 305 B
1 KB 2174ms
545ms Image
image/png 196.11.125.154
FNBCONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/mail.png?v=12345678

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/initials_combined.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

196.11.125.154 , South Africa, ASN37028 (FNBCONNECT, ZA),

Reverse DNS

www.online.fnb.co.za

Software

IIS / Sun One

Resource Hash

f01e2ed509ef4ebd45f586910c5c7f782927e9ac72414aac06289b13b227d665

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: frame-src 'self' *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;
Strict-Transport-Security: max-age=31536000
Date: Sun, 05 Mar 2023 14:50:37 GMT
Last-Modified: Sat, 08 Oct 2022 00:27:36 GMT
Server: IIS
ETag: "131-5ea7afe4336fe"
X-Powered-By: Sun One
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 305
X-UA-Compatible: IE=EDGE

GET
H/1.1 200
OK contactUs.png
www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/ 581 B
2 KB 2172ms
542ms Image
image/png 196.11.125.154
FNBCONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/contactUs.png?v=12345678

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/initials_combined.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

196.11.125.154 , South Africa, ASN37028 (FNBCONNECT, ZA),

Reverse DNS

www.online.fnb.co.za

Software

IIS / Sun One

Resource Hash

e48debcb7c354ac90f888a72d3a86ef703358623fc8de044036b5fe4496d2049

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: frame-src 'self' *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;
Strict-Transport-Security: max-age=31536000
Date: Sun, 05 Mar 2023 14:50:37 GMT
Last-Modified: Sat, 08 Oct 2022 00:27:36 GMT
Server: IIS
ETag: "245-5ea7afe42e4f6"
X-Powered-By: Sun One
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 581
X-UA-Compatible: IE=EDGE

GET
H/1.1 200
OK help.png
www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/ 523 B
2 KB 2173ms
544ms Image
image/png 196.11.125.154
FNBCONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/help.png?v=12345678

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/initials_combined.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

196.11.125.154 , South Africa, ASN37028 (FNBCONNECT, ZA),

Reverse DNS

www.online.fnb.co.za

Software

IIS / Sun One

Resource Hash

439e9b84cae9f857d69170bdee92e6951c4a91abe20c3601572f2a88dc295578

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: frame-src 'self' *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;
Strict-Transport-Security: max-age=31536000
Date: Sun, 05 Mar 2023 14:50:37 GMT
Last-Modified: Sat, 08 Oct 2022 00:29:15 GMT
Server: IIS
ETag: "20b-5ea7b042940e9"
X-Powered-By: Sun One
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 523
X-UA-Compatible: IE=EDGE

GET
H2 404 menuBg_v2.png
main.d3uat5wlchtbd9.amplifyapp.com/images/actionMenu/ 7 KB
7 KB 525ms
525ms Image
text/html 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/images/actionMenu/menuBg_v2.png?v=1234567
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/frame_combined.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac834d63809c27e17a68c7a05073e23e1be933efd1a001ad7649e28f342c0344

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/frame_combined.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:34 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SIN5-C1
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
x-amz-cf-id: Nem65wRGrj0syfNpvstCtoztyfNxyGAz8aSW2PHLzihhx9bSMCQD0w==

GET
H2 404 btn-tooltip_b.png
main.d3uat5wlchtbd9.amplifyapp.com/banking/03images/base/tooltip/ 7 KB
7 KB 505ms
505ms Image
text/html 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/banking/03images/base/tooltip/btn-tooltip_b.png?v=3
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/core.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac834d63809c27e17a68c7a05073e23e1be933efd1a001ad7649e28f342c0344

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/ebucks-rewards_files/core.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:35 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SIN5-C1
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
x-amz-cf-id: AMOggGBMwW33tVcZmTajUL9swdacVmKzKkK5QcpI1GeXgE3fQ-INjg==

GET
H2 200 ga_bridge.html Show response
main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ Frame 82EC 2 KB
1 KB 616ms
615ms Document
text/html 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7eeb05d012171f2f8a3b32e6bcd46b5bcd34cce222714f4c60238504b5d6c07

Request headers

Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Sun, 05 Mar 2023 14:50:36 GMT
etag: W/"5bfa9fe16e7355147ab8959198d9909a"
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
x-amz-cf-id: 3XFIyCxfqvZIBcXu3dkWTIruGtHrDcFFiUqlEiJ20tx-ZKNXwgFR6w==
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 analytics.js Show response
main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge_data/ Frame 82EC 43 KB
18 KB 480ms
479ms Script
application/javascript 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge_data/analytics.js
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:37 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"b66b3b5d54e154c81a50880cdcd7e5f8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: orazhl-gfEhTjEZGCJOb_Gf5Ac8-JffLbxWags9trtLUJOZDmL01RQ==

GET
H2 200 gtm.js Show response
main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge_data/ Frame 82EC 104 KB
32 KB 480ms
480ms Script
application/javascript 52.84.251.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge_data/gtm.js
Requested by: Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-58.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c83bcfc4ccbea0e68eb3f1ac90a11d9ff8f9889b46b06d5203c9e21ae434fea

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:37 GMT
content-encoding: gzip
via: 1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 06:44:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"98fe5e345b0129f417adefc239ceb482"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: qqhjWo2iiWOB4U3ola2UpkoeeGtuXqBzYOgRjutEFLtebDjrr6Gizw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 82EC 303 KB
93 KB 620ms
232ms Script
application/javascript 74.125.68.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KH76K8

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

cc27f5e1c5452e4b31ed33879f2fee97df3d96d2fadeb56461e524f97236befc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94380
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Mar 2023 14:50:36 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ Frame 82EC 144 KB
50 KB 737ms
441ms Script
application/javascript 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KHFRWD7&t=gtm1&cid=513865239.1678027836

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge_data/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1642d9a3a6ac0c0c1505c5fb40f3a9239cb4853b2243c8989e222045193a46d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51171
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 14:50:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 82EC 49 KB
20 KB 395ms
100ms Script
text/javascript 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge_data/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 13:39:57 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4239
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Mar 2023 15:39:57 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/923716104/ Frame 82EC 3 KB
2 KB 589ms
199ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/923716104/?random=1678027836996&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&ref=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&value=0&bttype=purchase&auid=1390330655.1678027836&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH76K8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

cafe /

Resource Hash

655c5a7a4b8e0100e364c60207ccae02b6622c6def075125eac9ae1a5f299729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 14:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1658
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 82EC 107 KB
28 KB 597ms
200ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 05 Mar 2023 14:50:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: g8KKZI8KfX7Z7DVSYzpxzI85CA3qnbHfliOKdwDegc4gPDFZ7IjpuZ5yU2wv6v756az1acKGnPPAPQYQO+xOLQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 82EC 221 KB
77 KB 208ms
207ms Script
application/javascript 74.125.68.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R5MC7P7YMJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH76K8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b3cba350dee1a20cd695509e3d996d1ac288f75c3275a25b95924012545fc1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 14:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 14:50:37 GMT

POST
H2 204 collect
analytics.google.com/g/ Frame 82EC 0
268 B 501ms
196ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-R5MC7P7YMJ&gtm=45je3310&_p=18364789&_gaz=1&cid=593795964.1678027837&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678027837&sct=1&seg=0&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&dr=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&dt=&en=page_view&_fv=1&_nsi=1&_ss=2&ep.GA4_CID=rawGA4cid.undefined&ep.debug_mode=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5MC7P7YMJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 14:50:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://main.d3uat5wlchtbd9.amplifyapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 82EC 0
268 B 585ms
194ms Ping
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5MC7P7YMJ&cid=593795964.1678027837&gtm=45je3310&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5MC7P7YMJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 14:50:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://main.d3uat5wlchtbd9.amplifyapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ Frame 82EC 42 B
408 B 591ms
197ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R5MC7P7YMJ&cid=593795964.1678027837&gtm=45je3310&aip=1&z=1033299171

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 14:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com.au/pagead/1p-conversion/923716104/ Frame 82EC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923716104/?random=31357932&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7...
https://www.google.com/pagead/1p-conversion/923716104/?random=31357932&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadser...
https://www.google.com.au/pagead/1p-conversion/923716104/?random=31357932&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7gD&hn=www.googlead...

42 B
154 B

204ms
203ms

Image
image/gif

142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/923716104/?random=31357932&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&ref=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&value=0&auid=1390330655.1678027836&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUno3bXc3QmZFRUJMel96WmNkUjM5WFR6U3NhT1JWQ0ZOTWQ2N0RGWGJiSWpRGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxva3pxbUxBQUtyYlZ5LXUxNl9IMzNYRFJaRFpWSXYzXzlzSmJ6TlJZS1Q5WTI0c0Jvdjd1dzlP&is_vtc=1&ocp_id=PawEZJT7Hf614t4Pg9-_uAs&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsQFB7xk4CztKB0E72KStIx6e9RRIICsJUQ&random=3910912296&ipr=y&prhg=0

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge.html

Protocol

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 14:50:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 14:50:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/923716104/?random=31357932&cv=11&fst=1678027836996&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&ref=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.html&value=0&auid=1390330655.1678027836&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUno3bXc3QmZFRUJMel96WmNkUjM5WFR6U3NhT1JWQ0ZOTWQ2N0RGWGJiSWpRGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxva3pxbUxBQUtyYlZ5LXUxNl9IMzNYRFJaRFpWSXYzXzlzSmJ6TlJZS1Q5WTI0c0Jvdjd1dzlP&is_vtc=1&ocp_id=PawEZJT7Hf614t4Pg9-_uAs&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsQFB7xk4CztKB0E72KStIx6e9RRIICsJUQ&random=3910912296&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 82EC 49 KB
20 KB 101ms
100ms Script
text/javascript 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: main.d3uat5wlchtbd9.amplifyapp.com
URL: https://main.d3uat5wlchtbd9.amplifyapp.com/Online%20Banking_files/ga_bridge_data/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 13:39:57 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4242
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Mar 2023 15:39:57 GMT

GET
H3

200

ga-audiences
www.google.com.au/ads/ Frame 82EC
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5815571-8&cid=513865239.1678027836&jid=1083300282&_gid=628737242.1678027836&gjid=1894009374&_v=j79&z=1831629518
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=513865239.1678027836&jid=1083300282&_v=j79&z=1831629518
https://www.google.com.au/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=513865239.1678027836&jid=1083300282&_v=j79&z=1831629518&slf_rd=1&random=2643247354

42 B
63 B

198ms
197ms

Image
image/gif

142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=513865239.1678027836&jid=1083300282&_v=j79&z=1831629518&slf_rd=1&random=2643247354

Protocol

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 14:50:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 14:50:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=513865239.1678027836&jid=1083300282&_v=j79&z=1831629518&slf_rd=1&random=2643247354
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 82EC 35 B
192 B 103ms
100ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2FOnline%2520Banking_files%2Fga_bridge.html&el=25&ev=0&_u=aGHAAEADU~&jid=&gjid=&cid=513865239.1678027836&tid=UA-5815571-8&_gid=628737242.1678027836&gtm=45He3310n71KH76K8&cd1=513865239.1678027836&cd21=dl_blank&cd22=dl_blank&cd25=non_partner&cd27=GA1.4.513865239.1678027836&cd48=dl_blank&cd50=rawGA4cid.undefined&cd51=c_undefined&cd55=2.3&cd56=GTM-KH76K8&cd57=122&z=1909868643

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 05:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 82EC 35 B
91 B 104ms
101ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2FOnline%2520Banking_files%2Fga_bridge.html&el=50&ev=0&_u=aGHAAEADU~&jid=&gjid=&cid=513865239.1678027836&tid=UA-5815571-8&_gid=628737242.1678027836&gtm=2wg941KH76K8&cd1=513865239.1678027836&z=497098652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 05:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 82EC 35 B
91 B 104ms
102ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2FOnline%2520Banking_files%2Fga_bridge.html&el=50&ev=0&_u=aGHAAEADU~&jid=&gjid=&cid=513865239.1678027836&tid=UA-5815571-8&_gid=628737242.1678027836&gtm=45He3310n71KH76K8&cd1=513865239.1678027836&cd21=dl_blank&cd22=dl_blank&cd25=non_partner&cd27=GA1.4.513865239.1678027836&cd48=dl_blank&cd50=rawGA4cid.undefined&cd51=c_undefined&cd55=2.3&cd56=GTM-KH76K8&cd57=122&z=947808579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 05:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 82EC 35 B
91 B 105ms
103ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2FOnline%2520Banking_files%2Fga_bridge.html&el=75&ev=0&_u=aGHAAEADU~&jid=&gjid=&cid=513865239.1678027836&tid=UA-5815571-8&_gid=628737242.1678027836&gtm=2wg941KH76K8&cd1=513865239.1678027836&z=850668922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 05:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 82EC 35 B
91 B 105ms
104ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2FOnline%2520Banking_files%2Fga_bridge.html&el=75&ev=0&_u=aGHAAEADU~&jid=&gjid=&cid=513865239.1678027836&tid=UA-5815571-8&_gid=628737242.1678027836&gtm=45He3310n71KH76K8&cd1=513865239.1678027836&cd21=dl_blank&cd22=dl_blank&cd25=non_partner&cd27=GA1.4.513865239.1678027836&cd48=dl_blank&cd50=rawGA4cid.undefined&cd51=c_undefined&cd55=2.3&cd56=GTM-KH76K8&cd57=122&z=829719522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 05:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 82EC 35 B
91 B 106ms
104ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2FOnline%2520Banking_files%2Fga_bridge.html&el=100&ev=0&_u=aGHAAEADU~&jid=&gjid=&cid=513865239.1678027836&tid=UA-5815571-8&_gid=628737242.1678027836&gtm=2wg941KH76K8&cd1=513865239.1678027836&z=1149347343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 05:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 82EC 35 B
91 B 106ms
105ms Image
image/gif 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=18364789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmain.d3uat5wlchtbd9.amplifyapp.com%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2FOnline%2520Banking_files%2Fga_bridge.html&el=100&ev=0&_u=aGHAAEADU~&jid=&gjid=&cid=513865239.1678027836&tid=UA-5815571-8&_gid=628737242.1678027836&gtm=45He3310n71KH76K8&cd1=513865239.1678027836&cd21=dl_blank&cd22=dl_blank&cd25=non_partner&cd27=GA1.4.513865239.1678027836&cd48=dl_blank&cd50=rawGA4cid.undefined&cd51=c_undefined&cd55=2.3&cd56=GTM-KH76K8&cd57=122&z=2019692431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://main.d3uat5wlchtbd9.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 05:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amplifyapp.com/	1970-01-20 12:16:43	Name: _gcl_au Value: 1.1.1390330655.1678027836
.main.d3uat5wlchtbd9.amplifyapp.com/	1970-01-20 19:43:07	Name: _ga Value: GA1.4.513865239.1678027836
.main.d3uat5wlchtbd9.amplifyapp.com/	1970-01-20 10:08:34	Name: _gid Value: GA1.4.628737242.1678027836
.amplifyapp.com/	1970-01-20 19:43:07	Name: ga4_ga Value: GA1.1.593795964.1678027837
.amplifyapp.com/	1970-01-20 19:43:07	Name: ga4_ga_R5MC7P7YMJ Value: GS1.1.1678027837.1.0.1678027837.60.0.0
.doubleclick.net/	1970-01-20 10:07:08	Name: test_cookie Value: CheckForPermission
.amplifyapp.com/	1970-01-20 19:43:07	Name: _ga Value: GA1.2.513865239.1678027836
.amplifyapp.com/	1970-01-20 10:08:34	Name: _gid Value: GA1.2.628737242.1678027836
.amplifyapp.com/	1970-01-20 10:07:07	Name: _gat_UA-5815571-8 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://main.d3uat5wlchtbd9.amplifyapp.com/images/actionMenu/menuBg_v2.png?v=1234567 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://main.d3uat5wlchtbd9.amplifyapp.com/banking/03images/base/tooltip/btn-tooltip_b.png?v=3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
connect.facebook.net
googleads.g.doubleclick.net
main.d3uat5wlchtbd9.amplifyapp.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.online.fnb.co.za
142.250.4.155
142.251.12.157
142.251.12.94
157.240.235.1
172.217.194.154
196.11.125.154
216.239.34.181
216.239.36.178
52.84.251.58
74.125.24.105
74.125.68.97
03360e2229e27725405eb79db637399f3d96792ce0595adba70fc40ea02486aa
076c7efc87c1b71f280205e1f993ec26d104df08dcd13aee7a77897f2971beca
0b978a7900b1ea0965aa1eaffb657fe7175e14439f74ca127906754992684bea
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
1623b3486d1a6d83c620d57229ec894b6c984c200a4237c57877ba73bb06daac
1642d9a3a6ac0c0c1505c5fb40f3a9239cb4853b2243c8989e222045193a46d8
19dbb085d719a24a541c85d34d9800f3136b07b65bf6038e7f11f0157ff048ca
1df25d4bd4693b4d105b6aa0bbe82a9cb141b9db9e1285b4e0610ea53e378bc9
2c409f409e226d9627a73788ebb7075d2aac225fc32b627e0817cc8ac1a58ad0
31a4bcb881fd4f9e40e1e4431f0f55f8ca5be0a1bd17e498b3da1a6897af0d0a
41b88e2de50153634651fbae3bead31d89a469955593d45776be466cd0c97aa3
439e9b84cae9f857d69170bdee92e6951c4a91abe20c3601572f2a88dc295578
4f3892aa3a68dc73f1ccb1549dd05f14a5949980f03d40a74afa0da02af8ee0e
50402915f33f8a4d7e02b43f804185ab5c77619aa637b0284fab4beba55c9b56
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5df5e2df58451fd5fe182895bee45dbd9c65792bbf93203362f7ab70ca81a5f7
5f3fcd835ce63ee79223ba7894c8997ebb29b0d51662350695585bbc9ebfa47e
655c5a7a4b8e0100e364c60207ccae02b6622c6def075125eac9ae1a5f299729
6641533ea642ceea235b8091b17f4fb2ea4b2b90c5cf3fb8373a596c2eddd094
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
770f85165e765e17bb4fe7b1b18f942e3a4194825326038a2acf25b8ed12f053
7ce488a49ee0c7d38c742d530ed163266899cb6e83f8a63a03de4dd7078c3e80
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e8b1885442e959b06d9dba3a43af5866af1965f6a79c604f587ec6dbb32569
8a279ecd289dec3ca7d8910f9b942ad787d5c72d70bdedc2b097f2c2d3c8cbf3
8bebf7da93d1297de1b66bbd2f12efda07a0cdff503d4809696643cc4be0fd75
9b2d90fd246736c8c795a54f84ee67f7b1ace8b672308f7da17ef99fd13b7180
9c83bcfc4ccbea0e68eb3f1ac90a11d9ff8f9889b46b06d5203c9e21ae434fea
9c83c5a306aa168493c67f809fa030f3e43868748306b47c73b33346c79b242c
9f2f49f02ef060ef019df5cdce2b25365d89bd5ad3bebd460c8db54e3af7320a
a3645b11132dd905d0bf1131bce0da3debce080dcf805f917a947d6c73e96350
ac834d63809c27e17a68c7a05073e23e1be933efd1a001ad7649e28f342c0344
af7f1b0834d98245ad0ed6eebc023e3c583d289921f3306e142ec196935f683e
b3cba350dee1a20cd695509e3d996d1ac288f75c3275a25b95924012545fc1f6
bd1879ddf5566fac5cb6da123531ea880c4ef2325ecdb14f096e96eafc4ba432
c190330a5ba709d97f6d2bc4a40f60dee9e99c4af9e906c7df22898c6945a9d9
c9553327130e497d2e9685c74851ffeac2c23d33998d47818c552ab2ecddb84c
cc27f5e1c5452e4b31ed33879f2fee97df3d96d2fadeb56461e524f97236befc
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d70b2437043890e166b4ccdd263de560424b957dccd5d244c601dc06a10507d1
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48debcb7c354ac90f888a72d3a86ef703358623fc8de044036b5fe4496d2049
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01e2ed509ef4ebd45f586910c5c7f782927e9ac72414aac06289b13b227d665
f61309b5ff0c44dc567d72ce14e72ef151c88a5397a27dc1b131c8cc77272993
f7eeb05d012171f2f8a3b32e6bcd46b5bcd34cce222714f4c60238504b5d6c07

main.d3uat5wlchtbd9.amplifyapp.com Open in urlscan Pro 52.84.251.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

97 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

9 IPs

3 Countries

597 kBTransfer

1786 kBSize

9 Cookies

1 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

main.d3uat5wlchtbd9.amplifyapp.com Open in urlscan Pro
52.84.251.58 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

97 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

597 kB
Transfer

1786 kB
Size

9
Cookies

58 HTTP transactions
0 data transactions