login.nestbank.pl Open in urlscan Pro
193.105.248.200  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login Show response login.nestbank.pl/	3 KB 2 KB	170ms 30ms	Document text/html	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 2586e5325b85fdf5fccb15d50b9992b47c853cd9b86014590505d4d053e58727 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Encoding gzip Content-Type text/html Date Mon, 30 Jan 2023 10:19:56 GMT ETag W/"63d113df-a49:dtagent10255221104040649S8yA" Last-Modified Wed, 25 Jan 2023 11:34:55 GMT Server-Timing dtSInfo;desc="0", dtRpid;desc="1857107464" Transfer-Encoding chunked Vary Accept-Encoding X-OneAgent-JS-Injection true X-ruxit-JS-Agent true cache-control no-cache, no-store, max-age=0, must-revalidate server server strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 1; mode=block
GET H/1.1	200	banners.css login.nestbank.pl/theme/css/	56 KB 57 KB	34ms 31ms	Stylesheet text/css	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/theme/css/banners.css?v=0.17.20 Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 506bd9e88c7aecb5ab89fb6dc691086d6b0cbbea0cd394c101864d0029ab641e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login.nestbank.pl/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff Last-Modified Wed, 14 Dec 2022 12:56:42 GMT server server x-permitted-cross-domain-policies none ETag W/"57606-1671022602000" x-frame-options SAMEORIGIN Content-Type text/css X-OneAgent-JS-Injection true Cache-control private Accept-Ranges bytes Content-Length 57606 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Show response login.nestbank.pl/	247 KB 94 KB	106ms 51ms	Script text/javascript	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 2ce696cfee3157def2d150e9f4e8c813d79f645660bc808acc9c624b03bb1bc4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login.nestbank.pl/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT Content-Encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload Last-Modified Wed, 03 Mar 2010 07:01:40 GMT server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type text/javascript; charset=utf-8 Cache-Control public, max-age=31536000, immutable Content-Length 95265 x-xss-protection 1; mode=block Expires Tue, 30 Jan 2024 10:19:56 GMT
GET H/1.1	200 OK	login.6967b4e54b6c43f1150f.css login.nestbank.pl/	152 KB 22 KB	89ms 34ms	Stylesheet text/css	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/login.6967b4e54b6c43f1150f.css Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 5912dc5b4a658961f25806b92ef64f7d07b83750f5fe3588caa7e4cf67c0b873 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login.nestbank.pl/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT Content-Encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload Last-Modified Wed, 25 Jan 2023 11:34:55 GMT server server x-permitted-cross-domain-policies none ETag W/"63d113df-2609a" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css x-frame-options SAMEORIGIN Server-Timing dtSInfo;desc="0", dtRpid;desc="-832664994" x-xss-protection 1; mode=block
GET H/1.1	200 OK	vendors~extApi~login~main~openApi~payments~shared.6967b4e54b6c43f1150f.js Show response login.nestbank.pl/	1 MB 292 KB	112ms 57ms	Script application/javascript	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/vendors~extApi~login~main~openApi~payments~shared.6967b4e54b6c43f1150f.js Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash b829375018fd1227ea8427dacdae1d6176bd223a9742240995cc0a15de40873d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login.nestbank.pl/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT Content-Encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload Last-Modified Wed, 25 Jan 2023 11:34:55 GMT server server x-permitted-cross-domain-policies none ETag W/"63d113df-113762" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript x-frame-options SAMEORIGIN Server-Timing dtSInfo;desc="0", dtRpid;desc="1905228384" x-xss-protection 1; mode=block
GET H/1.1	200 OK	vendors~extApi~login~main~openApi~payments.6967b4e54b6c43f1150f.js Show response login.nestbank.pl/	143 KB 47 KB	93ms 39ms	Script application/javascript	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/vendors~extApi~login~main~openApi~payments.6967b4e54b6c43f1150f.js Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 80b54d8033d946032a47c5158c7f65b04b25b842e3390710be74c1db4b56c415 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login.nestbank.pl/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT Content-Encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload Last-Modified Wed, 25 Jan 2023 11:34:55 GMT server server x-permitted-cross-domain-policies none ETag W/"63d113df-23a4c" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript x-frame-options SAMEORIGIN Server-Timing dtSInfo;desc="0", dtRpid;desc="-935676041" x-xss-protection 1; mode=block
GET H/1.1	200 OK	login.6967b4e54b6c43f1150f.js Show response login.nestbank.pl/	2 MB 456 KB	100ms 43ms	Script application/javascript	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/login.6967b4e54b6c43f1150f.js Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 0d33fa2fe1ed2766c756cd5e3f1a41b1d3b75f0e18c6a8c592d5b63ec6effda3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login.nestbank.pl/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT Content-Encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload Last-Modified Wed, 25 Jan 2023 11:34:55 GMT server server x-permitted-cross-domain-policies none ETag W/"63d113df-242c20" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript x-frame-options SAMEORIGIN Server-Timing dtSInfo;desc="0", dtRpid;desc="-1987809214" x-xss-protection 1; mode=block
GET H/1.1	200 OK	shared.6967b4e54b6c43f1150f.js Show response login.nestbank.pl/	291 KB 89 KB	165ms 82ms	Script application/javascript	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/shared.6967b4e54b6c43f1150f.js Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 1be47f5634c362d0ebc6b78280497c51fad1a2f16fa7eb00237ac010bd1f9166 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login.nestbank.pl/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT Content-Encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload Last-Modified Wed, 25 Jan 2023 11:34:55 GMT server server x-permitted-cross-domain-policies none ETag W/"63d113df-48dff" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript x-frame-options SAMEORIGIN Server-Timing dtSInfo;desc="0", dtRpid;desc="1423840161" x-xss-protection 1; mode=block
GET H/1.1	200 OK	icons.1674646308197.svg Show response login.nestbank.pl/assets/	205 KB 205 KB	31ms 31ms	XHR image/svg+xml	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/assets/icons.1674646308197.svg Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash b2a0186c4812ee90c47981e169f48b96b571cc7c865557a002b8f5531ac1d8c3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 x-dtpc $473996629_16h2vHHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0e0 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff Last-Modified Wed, 25 Jan 2023 11:34:55 GMT server server x-permitted-cross-domain-policies none ETag "63d113df-333ce" x-frame-options SAMEORIGIN Content-Type image/svg+xml Server-Timing dtSInfo;desc="0", dtRpid;desc="895747005" Accept-Ranges bytes Content-Length 209870 x-xss-protection 1; mode=block
GET H/1.1	200	LatoLatin-Regular.woff2 login.nestbank.pl/theme/fonts/	43 KB 43 KB	61ms 61ms	Font text/plain	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/theme/fonts/LatoLatin-Regular.woff2 Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/theme/css/banners.css?v=0.17.20 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 824026d2e16bbdf14964bc7640e61f97426084feb5a1550e2ea563a71bb6ac26 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.nestbank.pl/theme/css/banners.css?v=0.17.20 Origin https://login.nestbank.pl accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff Last-Modified Wed, 14 Dec 2022 12:56:43 GMT server server x-permitted-cross-domain-policies none ETag W/"43760-1671022604000:dtagent10255221104040649S8yA" Transfer-Encoding chunked x-frame-options SAMEORIGIN X-OneAgent-JS-Injection true Cache-control private Server-Timing dtRpid;desc="-1691770066", dtTao;desc="1", dtSInfo;desc="0" Accept-Ranges bytes Timing-Allow-Origin * x-xss-protection 1; mode=block
GET H/1.1	200	LatoLatin-Bold.woff2 login.nestbank.pl/theme/fonts/	43 KB 44 KB	69ms 68ms	Font text/plain	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/theme/fonts/LatoLatin-Bold.woff2 Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/theme/css/banners.css?v=0.17.20 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash b7fe5a8cc6330c51ce966e066d98fa172369049e04878e488b3804dd50946f77 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.nestbank.pl/theme/css/banners.css?v=0.17.20 Origin https://login.nestbank.pl accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff Last-Modified Wed, 14 Dec 2022 12:56:41 GMT server server x-permitted-cross-domain-policies none ETag W/"44380-1671022602000:dtagent10255221104040649S8yA" Transfer-Encoding chunked x-frame-options SAMEORIGIN X-OneAgent-JS-Injection true Cache-control private Server-Timing dtRpid;desc="-1932783657", dtTao;desc="1", dtSInfo;desc="0" Accept-Ranges bytes Timing-Allow-Origin * x-xss-protection 1; mode=block
GET H/1.1	200 OK	login Show response login.nestbank.pl/rest/v1/configuration/	37 B 525 B	39ms 37ms	Fetch application/json	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/rest/v1/configuration/login Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 02fe49f35d337385d9b27157c12d7518aa07ecc82d92fb18c857fbddf4147146 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Content-Type application/json Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 x-dtpc $473996629_16h3vHHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0e0 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type application/json; charset=UTF-8 X-OneAgent-JS-Injection true Cache-Control no-cache Server-Timing dtRpid;desc="-447752020", dtSInfo;desc="0" Connection close x-xss-protection 1; mode=block X-UA-Compatible IE=edge
POST H/1.1	200 OK	parameters Show response login.nestbank.pl/rest/v1/configuration/	245 B 774 B	35ms 35ms	Fetch application/json	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/rest/v1/configuration/parameters Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 8ac6329b088080a888f1ecb2526832d2074bfb95495724a182656ae3f2a5d062 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Content-Type application/json Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 x-dtpc $473996629_16h4vHHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0e0 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type application/json; charset=UTF-8 X-OneAgent-JS-Injection true Cache-Control no-cache Server-Timing dtRpid;desc="-1898644785", dtTao;desc="1", dtSInfo;desc="0" Connection close Timing-Allow-Origin * x-xss-protection 1; mode=block X-UA-Compatible IE=edge
POST H/1.1	200 OK	list Show response login.nestbank.pl/rest/v1/cms/news/	4 KB 4 KB	33ms 33ms	Fetch application/json	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/rest/v1/cms/news/list Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 2b1b76060ec4a84947ffcf10be64940941ee30f1e3d0338df12917fc14b28daa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Content-Type application/json Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 x-dtpc $473996629_16h5vHHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0e0 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type application/json; charset=UTF-8 X-OneAgent-JS-Injection true Cache-Control no-cache Server-Timing dtRpid;desc="-1659346275", dtTao;desc="1", dtSInfo;desc="0" Connection close Timing-Allow-Origin * x-xss-protection 1; mode=block X-UA-Compatible IE=edge
POST H/1.1	200 OK	list Show response login.nestbank.pl/rest/v1/cms/faq/	6 KB 7 KB	62ms 33ms	Fetch application/json	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/rest/v1/cms/faq/list Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 65d4bfd803783157e774098db6ca1b03e3255f774598f9af0cbe00c106ce789a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Content-Type application/json Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 x-dtpc $473996629_16h6vHHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0e0 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type application/json; charset=UTF-8 X-OneAgent-JS-Injection true Cache-Control no-cache Server-Timing dtRpid;desc="-34493204", dtTao;desc="1", dtSInfo;desc="0" Connection close Timing-Allow-Origin * x-xss-protection 1; mode=block X-UA-Compatible IE=edge
GET H/1.1	200 OK	loginPage Show response login.nestbank.pl/rest/v1/	749 B 1 KB	64ms 34ms	Fetch application/json	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/rest/v1/loginPage Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash fba86c6a304c9e8559db8425c097db96c39ca370b60d2ce9e16dd6087ef81ef7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Content-Type text/plain Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 x-dtpc $473996629_16h7vHHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0e0 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type application/json; charset=UTF-8 X-OneAgent-JS-Injection true Cache-Control no-cache Server-Timing dtRpid;desc="-1324276020", dtSInfo;desc="0" Connection close x-xss-protection 1; mode=block X-UA-Compatible IE=edge
GET H/1.1	200 OK	status Show response login.nestbank.pl/rest/v1/myFinances/transfer-funds/	161 B 649 B	62ms 32ms	Fetch application/json	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/rest/v1/myFinances/transfer-funds/status Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 947abfb2e01d9efbb9fc37a55370ce28a2b7141804ed0bbc10b9ff1830cd19a8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Content-Type application/json Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 x-dtpc $473996629_16h8vHHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0e0 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type application/json; charset=UTF-8 X-OneAgent-JS-Injection true Cache-Control no-cache Server-Timing dtRpid;desc="-312653027", dtSInfo;desc="0" Connection close x-xss-protection 1; mode=block X-UA-Compatible IE=edge
GET DATA	200 OK	truncated /	23 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 340115d3d9f8ce2ca38378c9be25b663ce473e1e7d2f97f92573544e8c3dfacd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	35 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9c0654ee4efcbdd01e9128bdc796561f4e879a683fa7c05d9ce0017726e376f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200	LatoLatin-Light.woff2 login.nestbank.pl/theme/fonts/	42 KB 43 KB	73ms 73ms	Font text/plain	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/theme/fonts/LatoLatin-Light.woff2 Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/theme/css/banners.css?v=0.17.20 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 5c7da0e78dc0c23a9d869f0f86a0ddcc6de571608bf2660c73cce6a4b3432fa9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.nestbank.pl/theme/css/banners.css?v=0.17.20 Origin https://login.nestbank.pl accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff Last-Modified Wed, 14 Dec 2022 12:56:43 GMT server server x-permitted-cross-domain-policies none ETag W/"43468-1671022604000:dtagent10255221104040649S8yA" Transfer-Encoding chunked x-frame-options SAMEORIGIN X-OneAgent-JS-Injection true Cache-control private Server-Timing dtRpid;desc="-953982657", dtTao;desc="1", dtSInfo;desc="0" Accept-Ranges bytes Timing-Allow-Origin * x-xss-protection 1; mode=block
POST H/1.1	200 OK	placeholder Show response login.nestbank.pl/rest/v1/cms/	2 KB 2 KB	36ms 36ms	Fetch application/json	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/rest/v1/cms/placeholder Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 96286b5626de9baf936f7794b6b1040618804c58f02a2c0bdf5090141d604f21 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type application/json Response headers Date Mon, 30 Jan 2023 10:19:57 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type application/json; charset=UTF-8 X-OneAgent-JS-Injection true Cache-Control no-cache Server-Timing dtRpid;desc="748837213", dtTao;desc="1", dtSInfo;desc="0" Connection close Timing-Allow-Origin * x-xss-protection 1; mode=block X-UA-Compatible IE=edge
GET H/1.1	200	bimcms:DESKTOPMIDDLE login.nestbank.pl/site/binaries/content/gallery/bimcms/background/ph_desktop_logowanie_01/ph_desktop_logowanie_01_3.jpg/ph_desktop_logowanie_01_3.jpg/	2 MB 2 MB	120ms 119ms	Image image/jpeg	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Show image Full URL https://login.nestbank.pl/site/binaries/content/gallery/bimcms/background/ph_desktop_logowanie_01/ph_desktop_logowanie_01_3.jpg/ph_desktop_logowanie_01_3.jpg/bimcms:DESKTOPMIDDLE Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash 9f03d864751fdbdb312080a3f54cd935d013d718c279eb40339afbbc9b211ce0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://login.nestbank.pl/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 10:19:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff x-permitted-cross-domain-policies none Age 710913 X-OneAgent-JS-Injection true Server-Timing dtRpid;desc="-828846237", dtSInfo;desc="0" Content-Length 2398030 x-xss-protection 1; mode=block Last-Modified Tue, 05 Apr 2022 17:04:26 GMT server server ETag "1625203929076:dtagent10255221104040649S8yA" x-frame-options SAMEORIGIN Content-Type image/jpeg;charset=UTF-8 Cache-Control max-age=25895730, private Expires Sun, 26 Nov 2023 03:35:27 GMT
POST H/1.1	200 OK	rb_65d78ded-6492-4f4e-b3b3-cce62ca90fd3 Show response login.nestbank.pl/	146 B 489 B	29ms 29ms	XHR text/plain	193.105.248.200 NESTBANK
General Check archive.org Show headers Download Go to Full URL https://login.nestbank.pl/rb_65d78ded-6492-4f4e-b3b3-cce62ca90fd3?type=js3&flavor=post&vi=HHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0&modifiedSince=1675068384536&rf=https%3A%2F%2Flogin.nestbank.pl%2Flogin&bp=3&app=9f07c300a648970c&crc=912544913&en=dz9emg65&end=1 Requested by Host: login.nestbank.pl URL: https://login.nestbank.pl/ruxitagentjs_ICA27NVfghqrux_10255221104040649.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.105.248.200 , Poland, ASN196999 (NESTBANK, PL), Reverse DNS rev-217017063001.atman Software server / Resource Hash e4209d960d4a8faf13bf59a01874f0ad75fb341381bbed161701484a21de9d68 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.nestbank.pl/login accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 30 Jan 2023 10:19:58 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server server x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN Content-Type text/plain; charset=utf-8 Content-Length 146 x-xss-protection 1; mode=block

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| dT_ object| dtrum object| dynatrace function| _ object| core object| __core-js_shared__ boolean| areScriptsLoaded object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nestbank.pl/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_1_sn_207658BCDC7F02E4C53F4B7EFE01D96A_perc_100000_ol_0_mul_1_app-3A9f07c300a648970c_0
			login.nestbank.pl/	1969-12-31 23:59:59	Name: SESSION Value: !QfvncsAE+1ajCOXHAyBARV76iSbCOnFHtaoXihTpmtdVHKm5eBD5QOySp9eqSQYbYNww/rxSN05p1Ps=
			.nestbank.pl/	1969-12-31 23:59:59	Name: rxVisitor Value: 1675073996632VIERT5PHJE5R12HS6BF079JIITNKINNT
			.nestbank.pl/	1969-12-31 23:59:59	Name: dtLatC Value: 71
			.nestbank.pl/	1969-12-31 23:59:59	Name: dtSa Value: -
			.nestbank.pl/	1969-12-31 23:59:59	Name: rxvt Value: 1675075797092|1675073996633
			.nestbank.pl/	1969-12-31 23:59:59	Name: dtPC Value: $473996629_16h-vHHLWJDBPNRRUSIRQTDRGBARKQDOMQTCU-0e0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.nestbank.pl
193.105.248.200
02fe49f35d337385d9b27157c12d7518aa07ecc82d92fb18c857fbddf4147146
0d33fa2fe1ed2766c756cd5e3f1a41b1d3b75f0e18c6a8c592d5b63ec6effda3
1be47f5634c362d0ebc6b78280497c51fad1a2f16fa7eb00237ac010bd1f9166
2586e5325b85fdf5fccb15d50b9992b47c853cd9b86014590505d4d053e58727
2b1b76060ec4a84947ffcf10be64940941ee30f1e3d0338df12917fc14b28daa
2ce696cfee3157def2d150e9f4e8c813d79f645660bc808acc9c624b03bb1bc4
340115d3d9f8ce2ca38378c9be25b663ce473e1e7d2f97f92573544e8c3dfacd
506bd9e88c7aecb5ab89fb6dc691086d6b0cbbea0cd394c101864d0029ab641e
5912dc5b4a658961f25806b92ef64f7d07b83750f5fe3588caa7e4cf67c0b873
5c7da0e78dc0c23a9d869f0f86a0ddcc6de571608bf2660c73cce6a4b3432fa9
65d4bfd803783157e774098db6ca1b03e3255f774598f9af0cbe00c106ce789a
80b54d8033d946032a47c5158c7f65b04b25b842e3390710be74c1db4b56c415
824026d2e16bbdf14964bc7640e61f97426084feb5a1550e2ea563a71bb6ac26
8ac6329b088080a888f1ecb2526832d2074bfb95495724a182656ae3f2a5d062
947abfb2e01d9efbb9fc37a55370ce28a2b7141804ed0bbc10b9ff1830cd19a8
96286b5626de9baf936f7794b6b1040618804c58f02a2c0bdf5090141d604f21
9f03d864751fdbdb312080a3f54cd935d013d718c279eb40339afbbc9b211ce0
b2a0186c4812ee90c47981e169f48b96b571cc7c865557a002b8f5531ac1d8c3
b7fe5a8cc6330c51ce966e066d98fa172369049e04878e488b3804dd50946f77
b829375018fd1227ea8427dacdae1d6176bd223a9742240995cc0a15de40873d
d9c0654ee4efcbdd01e9128bdc796561f4e879a683fa7c05d9ce0017726e376f
e4209d960d4a8faf13bf59a01874f0ad75fb341381bbed161701484a21de9d68
fba86c6a304c9e8559db8425c097db96c39ca370b60d2ce9e16dd6087ef81ef7