URL: https://momo.banksieutoc.one/
Submission: On November 24 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 59 HTTP transactions. The main IP is 2606:4700:3031::6815:441f, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is momo.banksieutoc.one.
TLS certificate: Issued by GTS CA 1P5 on November 11th 2022. Valid for: 3 months.
This is the only time momo.banksieutoc.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 21 | banksieutoc.one | momo.banksieutoc.one; banksieutoc.one | 5 MB |
| 11 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 116); tpc.googlesyndication.com (Cisco Umbrella Rank: 147) | 204 KB |
| 7 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 6034) | 14 MB |
| 6 | gstatic.com | fonts.gstatic.com | 66 KB |
| 2 | google.com | adservice.google.com (Cisco Umbrella Rank: 83); www.google.com (Cisco Umbrella Rank: 2) | 2 KB |
| 2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 44) | 5 KB |
| 2 | wikipedia.org | vi.wikipedia.org (Cisco Umbrella Rank: 177868) | 2 KB |
| 2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 52) | 2 KB |
| 1 | inetstatic.com | api.inetstatic.com (Cisco Umbrella Rank: 567603) | 767 B |
| 1 | google.de | adservice.google.de (Cisco Umbrella Rank: 7898) | 792 B |
| 1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 860) | 701 B |
| 1 | wallpaperaccess.com | wallpaperaccess.com (Cisco Umbrella Rank: 41024) | 694 KB |

Total: 59 requests, 12 apex domains.

| Requests | Domain | Requested by |
|---|---|---|
| 12 | banksieutoc.one | momo.banksieutoc.one; banksieutoc.one |
| 9 | momo.banksieutoc.one | momo.banksieutoc.one |
| 8 | pagead2.googlesyndication.com | momo.banksieutoc.one; pagead2.googlesyndication.com; tpc.googlesyndication.com |
| 7 | i.imgur.com | momo.banksieutoc.one |
| 6 | fonts.gstatic.com | fonts.googleapis.com |
| 3 | tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com |
| 2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
| 2 | vi.wikipedia.org (1 redirect) | momo.banksieutoc.one |
| 2 | fonts.googleapis.com | momo.banksieutoc.one |
| 1 | www.google.com | tpc.googlesyndication.com |
| 1 | api.inetstatic.com | banksieutoc.one |
| 1 | adservice.google.com | pagead2.googlesyndication.com |
| 1 | adservice.google.de | pagead2.googlesyndication.com |
| 1 | partner.googleadservices.com | pagead2.googlesyndication.com |
| 1 | wallpaperaccess.com | momo.banksieutoc.one |

Total: 59 requests, 15 subdomains.

This site contains links to these domains:

  • m.me
  • nhantien.momo.vn

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.banksieutoc.one | GTS CA 1P5 | 2022-11-11 - 2023-02-09 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
| *.imgur.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-29 - 2023-05-29 | a year |
| *.gstatic.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
| *.googleadservices.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
| *.google.de | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
| *.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
| *.inetstatic.com | E1 | 2022-10-17 - 2023-01-15 | 3 months |
| tpc.googlesyndication.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |

This page contains 5 frames:

Primary Page: https://momo.banksieutoc.one/
Frame ID: 37B266D8C6293DB056E6ADAAC0847E90
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 16DCAE6BD94DB4DAB854191FE14AF46D
Requests: 1 HTTP request in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4796296997108553&output=html&adk=1812271804&adf=3025194257&lmt=1669327624&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmomo.banksieutoc.one%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669327624165&bpp=2&bdt=937&idt=281&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6625280765269&frm=20&pv=2&ga_vid=665865320.1669327624&ga_sid=1669327624&ga_hid=902541557&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531705%2C44774652%2C21066431&oid=2&pvsid=1107965758337522&tmod=2104723676&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305
Frame ID: 9EC9A4EEC84BEAE7F43460F73788EA63
Requests: 1 HTTP request in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BA99DA8198B056C8375DB73F6BC2FAE7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B9695E521AFABE8F87BFFC3BA4CF979
Requests: 2 HTTP requests in this frame

Page Title

Chạm Tay Ngay Trúng Ngay Tiền Tỷ - Kiếm Tiền Trong 1 Nốt Nhạc

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 59
  • HTTPS: 93 %
  • IPv6: 86 %
  • Domains: 12
  • Subdomains: 15
  • IPs: 15
  • Countries: 3
  • Transfer: 20504 kB
  • Size: 21140 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://vi.wikipedia.org/wiki HTTP 301
  • https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
momo.banksieutoc.one/
35 KB
8 KB
Document
General
Full URL
https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
eeccd0fa894c5491411de98a94bc03aa39451c99c72e65237d21df4f7a550ff2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
76f5748a0f09691f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 24 Nov 2022 22:07:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJ25NaSxKTBGBh%2BVDNgQCI1%2FApDOCGNcgfD37w16wZeBqAlMbg7WBbYnNeoyvqYfE%2BEQWf%2BrWDiXk3fvGOrUMGNk0UMGOKp23YvTdJ4pb8r3V0AEF3EmlHT9awgH8Hfoe4WLf0LaYPPkq3P3Myg9PTKPoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
css2
fonts.googleapis.com/
1 KB
930 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Goldman&display=swap
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6339159f209ed801b5bf3c0b681f73490f9e6cb1b4f03827d07ffe6228fe9fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 22:07:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 22:07:03 GMT
css2
fonts.googleapis.com/
9 KB
853 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2121d80a0dd495935b5cb038a4f508bccfc8aac628af516b34eeebf76900c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 22:07:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 22:07:03 GMT
stylea4b4.css
banksieutoc.one/assets/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://banksieutoc.one/assets/css/stylea4b4.css
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9a704a808e3d6534b8d7ccc45d8e7b26ad03e25d5f9338b0c89f2e1da8a314

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 07 Sep 2022 15:38:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bIuGjblPLfIPNrXx0u9NjX15LWatwYY28YrPSxTG9JH7z88ccmBfL9KNNjYi0NP2Yl%2BnjBUrMGjh20H59%2F6aY267P2RYKNu9eDbTOIQC0A2M%2FUd67pUYYyWImfKbgQ3v%2F5qaSAEj9QYJIRpW0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e67691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
tomdz.css
banksieutoc.one/assets/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://banksieutoc.one/assets/css/tomdz.css
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b95cc10c5b0224655793f2baec6eaafa265e557606cc212d02a3f40c683cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 30 Sep 2022 14:39:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjCW%2FqeLcLPQRQdS7snDkqil%2BFVhoVjyktm22DUZmXk5OEn%2Flpsm4pbn53ZNT7X9VdYJ7GNqH70oBW8BpwW1VPybCAFHpSPEgdddgXLcTm1aVArHjm%2BmHT5ad68zJ46bLeunRsZNRNLA2vcba0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e61691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
boxicons.min.css
banksieutoc.one/assets/css/
62 KB
11 KB
Stylesheet
General
Full URL
https://banksieutoc.one/assets/css/boxicons.min.css
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhTwjIbwykrb5AXf6ksg78XKdPDUI2WraDaLbTy%2FAJPWwK83aYUmADoA2ottRqDvjDjyGuwBltMWj7uj5DyiEFGMwmnmL4V6Q7wWNYZLOSTzbr2n9JJUJZ1TPiV2O4KnzS10EcYDUyq%2FBkTUmg0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e64691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
jquery-2.1.0.min.js
banksieutoc.one/assets/js/
82 KB
30 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/jquery-2.1.0.min.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3270f295222b076621426ed5dd098bf593915075d714dcacc60ebbeb343ca68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHxV3vT%2BUoIdtlGG4cvo6RrEH4R%2Bzw7HQnZU4COmWVpMqjJvIwW0WAJ%2F4H84GaPauGxftqZy26oqPsom%2FqIakyD5ayoB87ZtPuBybMzSBjPNqrxITPisRqurESPgKb9%2B9SA97JBfTYpKaufEr1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d6e9d691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
Trang_Ch%C3%ADnh
vi.wikipedia.org/wiki/
Redirect Chain
  • https://vi.wikipedia.org/wiki
  • https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh
0
0
Script
General
Full URL
https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Server
2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date
Thu, 24 Nov 2022 22:07:03 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
0
x-cache-status
miss
x-cache
cp3050 miss, cp3056 miss
server-timing
cache;desc="miss", host;desc="cp3056"
content-length
0
x-client-ip
2a03:1b20:6:f011::7e
last-modified
Thu, 24 Nov 2022 22:07:03 GMT
server
mw1322.eqiad.wmnet
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary
Accept-Encoding,X-Forwarded-Proto,Cookie,Authorization
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
text/html; charset=UTF-8
location
https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh
cache-control
s-maxage=1200, must-revalidate, max-age=0
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
bootstrap.min.js
banksieutoc.one/assets/js/
36 KB
10 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/bootstrap.min.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2ecab2d0408a6d42f6517039d063e1912639d03fe000c78a0184d8b53c4379

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWrIDKfQbTDM%2BGU1xW6qjlgmgjV5L6XdoQb8qjDm0nxMVJZt4PoHSAObInztgCKXufLc8BtpJFP%2BPXZLT78MmDirPfRflwIninQQiJsDPmCLiSNqqtgzShZaOqRMPL6KVliRHxyp7fCCzZyRtWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d6ea0691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
lazyload.js
banksieutoc.one/assets/js/
62 B
367 B
Script
General
Full URL
https://banksieutoc.one/assets/js/lazyload.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c3f7bd05bac2b7f2dfd13729c5ea58966323e164d800a42a52bec2e48cc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oKQ5CFLSc53055HQAOqGFsCLvSsv4sbYOnO8ZBxHu5TZdNrXkTZJ6%2BOJc2P7iiOhIeCfQv%2BZBckOeP5GVnD5Nomp5Sb1xjnFu8T5puKBeP9VhMlgIsY%2BCr1BcZ0gKXZNYRWjPxd6%2BsPdD8d4nE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e6b691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
jquery.cookie.js
banksieutoc.one/assets/js/
2 KB
1 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/jquery.cookie.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd83af26ed5c6d49c1d4401a4d9e438bc8f173b639dc8dfb0838c4e70be973a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWG17Fq0RmLWQ8mZm%2BpFnH%2Bwl2NT6Msbc5Qa3%2Fau5eDAHDqUaUmu9HCMovJLoIQ1a%2B8w8L2vkdf378qwwoC3ShM9Ww1ubwH%2FkdmUzeUCVBABDnO%2BmRejaX4fmdjf62x4EEDzdMOTzB7cw%2Bagpr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d6ea2691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
js.cookie.js
banksieutoc.one/assets/js/
2 KB
1 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/js.cookie.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310b5be9f2f9529d876e9ab4b36a2f12db338af9006a56914ead796225ebbe66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYk%2BqXOwf2d6JtP7%2FLRdQzsKb0cFQtzMvY76K5P%2BZS%2BMXoO0VCoU4P92CMUeD0blsy%2BAADmTH7DCBYRe4EDGyb4aefQipnwnwCNToKEU3i87qglxPJ6wcGXdNNcT0K85wPkIL%2BIzYTOpWq6qPlE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e69691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
bootstrap-datepicker.min.js
banksieutoc.one/assets/js/
33 KB
10 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/bootstrap-datepicker.min.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673cbae0dc0af2fe20d57a6e5cb9ceb59bfb21f1be7fba8da69ad8beccd52ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGAsEFQqG7Pe6owVZqYN59L9csh%2FPVmHO3yAG4CXFbVLNxStVDVtGoLmAUbgwiXm6glBYSCarycJEjtKULhcUAtYIO1jz35BC303JLHIjHo4wPWEUVYbRoGCE%2B6iNqyHxtsnAl60rfLX77l0uf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e7a691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
sweetalert.min.js
banksieutoc.one/assets/js/
40 KB
12 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/sweetalert.min.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7136574919ae28c81048d019e30bcea1b382b8be9f517dca3ad66b1c6b38be6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sq0hRn0rziRIVJ6ckbfMtHnxitLR0%2FTpq1X8c4ss48E3qrwh9FROyUaoRbeyMQvypsmt5WsGcLREZCXR5I7tumdo7EGaiv%2FHqxE27iCLDFs6FIhAKmFztaO126Rjv5u%2FPhSIEqQjNrNRWk7hDzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e7f691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
tomdz.js
banksieutoc.one/assets/js/
1 KB
753 B
Script
General
Full URL
https://banksieutoc.one/assets/js/tomdz.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80a70373be25d13d2429f19f19bccbef46e76fefef84d47d423133818b327430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FbexycPS85tHNxZpaVj8D6wIvQX7Dsr6GxBXHrHISUQlpCk62s8%2FtPxgHUcpL2V4XK7a1w9TzMwb%2BaAGZIrQU7IPuLxYyXWBNuU%2FlpCj8ANirWROkhpiaRd1dmQFP0Kq1qdsy3QMyhlVBaCOAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e70691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
cookie.js
banksieutoc.one/assets/js/
1 KB
1 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/cookie.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca391a0e148956a0a652cba32cf5d5cd36211e8dc050dd1aa0c2eb520ca3b22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1ijXg%2Fwp9p%2BXDXa8085GMfKLyFIDXoWPjf5SCOCVVITHQY1jWcHoyoYXH5hQMmPcBETJHlqkth4oin8Atmh49h5VaGlzKTmk43%2BMRl%2FD%2BH6vQJk%2BLtGbWIYnC1OPc8HEH8aGeeyK%2BgT5PsXfV4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d4e75691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
rotate.js
momo.banksieutoc.one/assets/Scripts/
11 KB
3 KB
Script
General
Full URL
https://momo.banksieutoc.one/assets/Scripts/rotate.js
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaee62b88cfa903114d5f3790dbb26412a313abb502d00ec3906ef8597bdfeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 22:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTkybs8eGiDHn8qUO0X3Fl%2F9n1JpCDZfoo8AinHml0y2v%2B%2FfVr2cirhASbUcngF7%2B8V22YLIe4jyk%2F23LHo4Y2EdaW%2Fdxqy%2BKduXMdhElBtW9TgmmgwY9gvBgbyY2y7RXFg92gHAf90D9Z5llURBqwqpzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f5748d3e38691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:03 GMT
FQwSPo5.png
i.imgur.com/
403 KB
404 KB
Image
General
Full URL
https://i.imgur.com/FQwSPo5.png
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8b6a1f09b3f4c2cfe575e7316bd4c68dc3df259e7b64d69b9be8d956f7d10e8b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1806557
x-cache
HIT, MISS
content-length
413117
x-served-by
cache-iad-kjyo7100052-IAD, cache-fra-eddf8230119-FRA
last-modified
Fri, 04 Nov 2022 00:17:46 GMT
server
cat factory 1.0
x-timer
S1669327624.902211,VS0,VE107
etag
"6a0b0a70910800ac3d62f5b19306f4fb"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
181, 0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4796296997108553
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90ed4340cb070362caf5b095bf81837a9f69e5dc4fd349bf396fee06dadf875b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://momo.banksieutoc.one/
Origin
https://momo.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49153
x-xss-protection
0
server
cafe
etag
12216130913263630298
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 22:07:03 GMT
RFAsKik.png
i.imgur.com/
261 KB
262 KB
Image
General
Full URL
https://i.imgur.com/RFAsKik.png
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ebb866e41501547ff216d82aea50cb78040ab6821e3ce6a39c40ff418d34199c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1465067
x-cache
HIT, HIT
content-length
267774
x-served-by
cache-iad-kiad7000117-IAD, cache-fra-eddf8230119-FRA
last-modified
Thu, 03 Nov 2022 22:50:03 GMT
server
cat factory 1.0
x-timer
S1669327624.903113,VS0,VE20
etag
"820499815b5dc40c06254348736c4192"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 1
24.png
momo.banksieutoc.one/upload/vongquay_kimcuong/thumb/
1 MB
1 MB
Image
General
Full URL
https://momo.banksieutoc.one/upload/vongquay_kimcuong/thumb/24.png
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32944879411986a6c5bc5886d2d261e9cd2541dbbee09baf88834a765e2a6ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 22:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxqbsCo%2B%2Fehss0USJmZLAVSthu7r1xtJmrouDDA8WyLTX0R0C06oWJnl%2BOxsw3UTIFpZM2%2FZNUVAdXJ5talV%2F1WqTyK7MCodo7x5afckG88kaCWcZqtr%2FnQcs%2FSCcRgGbq2ozDifZ9TxaHIO1m3jUNX7tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76f574915e786967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1297147
expires
Thu, 01 Dec 2022 22:07:04 GMT
quauynhanhedit.gif
momo.banksieutoc.one/assets/images/
298 KB
299 KB
Image
General
Full URL
https://momo.banksieutoc.one/assets/images/quauynhanhedit.gif
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14a7c21a22af60f3d087d0fc59bed5a36ab845fd9fb09e9be0350eee7d273cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 22:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJQNFPr5R8pcp4bO2TYLUrDZRK3qtJ5J1W276Olsar54FhR%2FAVF2gdk%2BqQ7dEbQpEMgQLmpoTdsvUmdzqEfK4CLFeIpoxCe5Ag2sO%2BYMSSgMrF7D68xCJP%2BKJQQyLn6%2B2yPWHkeNHDOw6ikenidhY30ciw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76f574915e7a6967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
305363
expires
Thu, 01 Dec 2022 22:07:04 GMT
23.png
momo.banksieutoc.one/upload/vongquay_kimcuong/thumb/
1 MB
1 MB
Image
General
Full URL
https://momo.banksieutoc.one/upload/vongquay_kimcuong/thumb/23.png
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31986a080a23215077cf4b7d5bea8c38ab0f380c55c9361616b4f14e623c5a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 22:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCbCuPUbA5i6rvQhlyJBkPK%2BmLWgxmHStwH1SXqmqszWTeCbJo%2F54xyDeoMU89Z7gvN16DowSgMwtpBeEyB2D8TjM1klikWCJKVpfG6zqNArR6SgpUgBOxVY%2F2P10fz%2FquftW56G161JIL50lewSJE4cfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76f574915e7d6967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1469821
expires
Thu, 01 Dec 2022 22:07:04 GMT
22.png
momo.banksieutoc.one/upload/vongquay_kimcuong/thumb/
1 MB
1 MB
Image
General
Full URL
https://momo.banksieutoc.one/upload/vongquay_kimcuong/thumb/22.png
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac3d760ee871c78b15222b2370b5ed4bce580b534ea6d4c27921911a7fee560

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 22:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FcLADU7Djd%2BOMFSVTK%2Fr3%2BeccTu%2FmBpavvfmaSiXZZcRbSYzSxyD9k2VEL16uWnKpdgLAxex%2BDx%2FjMebDHwi6KUiTETuHZtWYlReFznQknIj4ktXsjAhwKYaVw65SvmEUliJcZVTBLrdYlyBsKkggf0xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76f574915e806967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1294529
expires
Thu, 01 Dec 2022 22:07:04 GMT
21.png
momo.banksieutoc.one/upload/vongquay_kimcuong/thumb/
1 MB
1 MB
Image
General
Full URL
https://momo.banksieutoc.one/upload/vongquay_kimcuong/thumb/21.png
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8722aa73cde3508a528d76e459946fe18d495a85dc9f0e5bb039c7361621c8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 22:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnIR9toSm193wcVdHc6JRpLo46EOovuiBUIz5crk0fSQruooVFE%2FZxV8Ul4fddsbf7ScJ%2FMWjG8DQmrgSf8Z3KYPFKeGYW9J72raDUer4%2BXWBVsAEnMJIXxVTJrNlmHoU45nV83GHnvo7f2qeHVAua0gLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76f574915e846967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1267097
expires
Thu, 01 Dec 2022 22:07:04 GMT
zLny7wu.gif
i.imgur.com/
3 MB
3 MB
Image
General
Full URL
https://i.imgur.com/zLny7wu.gif
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
37c0b0ee897779b8eafcfd52d4e8b8b3db97aba0a2eb503e40414ab638497de2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
787886
x-cache
HIT, MISS
content-length
3090096
x-served-by
cache-iad-kcgs7200131-IAD, cache-fra-eddf8230119-FRA
last-modified
Tue, 13 Sep 2022 02:14:43 GMT
server
cat factory 1.0
x-timer
S1669327624.903132,VS0,VE189
etag
"4039023b4a9eba231ca2d37ebeabc680"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
21, 0
yw0W5yQ.gif
i.imgur.com/
3 MB
3 MB
Image
General
Full URL
https://i.imgur.com/yw0W5yQ.gif
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
72a6f859e57d001df144874f8c7b48eff5302ff4fa5931fd10f61c58a7d73531
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS
content-length
3106162
x-served-by
cache-iad-kjyo7100144-IAD, cache-fra-eddf8230119-FRA
last-modified
Thu, 08 Sep 2022 12:14:24 GMT
server
cat factory 1.0
x-timer
S1669327624.902728,VS0,VE454
etag
"82bb196a1bba611fec800cfc988a77c0"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0
642C7Iz.gif
i.imgur.com/
4 MB
4 MB
Image
General
Full URL
https://i.imgur.com/642C7Iz.gif
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
045b227715c7bf0c850021feea5d019754ede09773b64e17c78ac41633709357
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1687
x-cache
HIT, MISS
content-length
3931552
x-served-by
cache-iad-kcgs7200055-IAD, cache-fra-eddf8230119-FRA
last-modified
Tue, 13 Sep 2022 02:10:31 GMT
server
cat factory 1.0
x-timer
S1669327624.903126,VS0,VE581
etag
"c0bc1e7cc0567c0f7c6a29195d0018a4"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0
QB8TXCC.gif
i.imgur.com/
3 MB
3 MB
Image
General
Full URL
https://i.imgur.com/QB8TXCC.gif
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0950b077b520413531add5961351d2c7b4d4f14cc3e6d12c875435fd237a235f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
263474
x-cache
HIT, MISS
content-length
3215613
x-served-by
cache-iad-kcgs7200082-IAD, cache-fra-eddf8230119-FRA
last-modified
Thu, 08 Sep 2022 11:43:35 GMT
server
cat factory 1.0
x-timer
S1669327624.902711,VS0,VE112
etag
"bb8ffe85f33ac69e1e81c4b7cb4319ac"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 0
AEBkO6A.png
i.imgur.com/
205 KB
206 KB
Image
General
Full URL
https://i.imgur.com/AEBkO6A.png
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
59231600a802f8e99df31c9c0a5f0259ae6f98282d800a1a7ec8b47636362644
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1940795
x-cache
HIT, HIT
content-length
210063
x-served-by
cache-iad-kjyo7100024-IAD, cache-fra-eddf8230119-FRA
last-modified
Sun, 25 Sep 2022 14:56:24 GMT
server
cat factory 1.0
x-timer
S1669327624.920613,VS0,VE2
etag
"4ac1bb816a637ca880edff0545359ad9"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
14, 1
kuna4b4.js
momo.banksieutoc.one/assets/frontend/js/
4 KB
2 KB
Script
General
Full URL
https://momo.banksieutoc.one/assets/frontend/js/kuna4b4.js?v=1623309620
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
331ae6c492db1af9f218583eb67a79ffdb102bef00fe26b9284c3adbd258e07e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 22:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KM%2BBy4xZkquMEoSOXTVlxYwnxqtV2ACPqdtN6Ya7UqaLvqmrwG%2BFirq2WONL5us%2Fx7FqvaVm9DikVcjYYVaLb4D%2FwPpnvCtZ%2FAfFTY0HYBpBkupLzHn%2FRrSowUR9yp%2Bb%2FRtD5PXMnWsz9u5%2BRisAlX4Irg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
76f574911e1d6967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 22:07:04 GMT
2825704.gif
wallpaperaccess.com/full/
693 KB
694 KB
Image
General
Full URL
https://wallpaperaccess.com/full/2825704.gif
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b82716b1382ad00294e157a42d8e71b8696a6570c3990638842408572ed662
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:03 GMT
cf-cache-status
HIT
age
30714
cf-polished
origSize=3374712, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
709511
cf-bgj
imgq:85,h2pri
last-modified
Sat, 05 Jun 2021 08:29:42 GMT
server
cloudflare
etag
"60bb35f6-337e78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
76f574918b47900d-FRA
expires
Sat, 24 Dec 2022 13:35:09 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://momo.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 23:09:50 GMT
x-content-type-options
nosniff
age
255433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 23:09:50 GMT
boxicons.woff2
banksieutoc.one/assets/fonts/
0
0

ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://momo.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 08:45:21 GMT
x-content-type-options
nosniff
age
220902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 08:45:21 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://momo.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 08:45:45 GMT
x-content-type-options
nosniff
age
220878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11760
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:07:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 08:45:45 GMT
vien.gif
momo.banksieutoc.one/images/
8 KB
9 KB
Image
General
Full URL
https://momo.banksieutoc.one/images/vien.gif
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:441f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198bd9546bfd29a99fe412b99f2313a3fa1b9e8afa658a47c5843d67960d48b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 22:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fcp%2BosH8B35Bk%2FbtVVLsvkCDgrs%2BFRA3OLOKedoDtfuBd9eULNXSTrr0w6r8U69pSRWHn0fA3LVsM%2FSXwzGq0MQJZz2P9yEwFVn5aDb9Hc%2BPloQiKWQxJYYM93h1khKTxbVdFYz6EMUDqHJfkKR3%2FotYEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76f574916eb36967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8200
expires
Thu, 01 Dec 2022 22:07:04 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://momo.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 08:45:53 GMT
x-content-type-options
nosniff
age
220870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11816
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:52:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 08:45:53 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://momo.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 08:55:37 GMT
x-content-type-options
nosniff
age
220287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5564
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:11:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 08:55:37 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a443599b665cfcd9a13fc46056624c65f518c06ee47925c4a940c58164b1b799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://momo.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 04:22:04 GMT
x-content-type-options
nosniff
age
150300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5696
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 04:22:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=momo.banksieutoc.one
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4796296997108553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119607
x-xss-protection
0
server
cafe
etag
15994130142540813998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 22:07:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 16DC
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4796296997108553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://momo.banksieutoc.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
33994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 12:40:30 GMT
etag
10353107486223812946
expires
Thu, 08 Dec 2022 12:40:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
397 B
701 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=momo.banksieutoc.one&callback=_gfp_s_&client=ca-pub-4796296997108553&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=momo.banksieutoc.one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b32aa7650c9ef927971a0ca9f0b65d697a6b55121cf636391f910339b0ee4bea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=momo.banksieutoc.one
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=momo.banksieutoc.one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=momo.banksieutoc.one
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=momo.banksieutoc.one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmomo.banksieutoc.one%2F&tn=DIV&id=myModal&cls=modal&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 22:07:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmomo.banksieutoc.one%2F&tn=DIV&id=myModal&cls=modal&ign=false&pw=1600&ph=1200&x=0&y=69.6
Requested by
Host: momo.banksieutoc.one
URL: https://momo.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 22:07:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9EC9
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4796296997108553&output=html&adk=1812271804&adf=3025194257&lmt=1669327624&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmomo.banksieutoc.one%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669327624165&bpp=2&bdt=937&idt=281&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6625280765269&frm=20&pv=2&ga_vid=665865320.1669327624&ga_sid=1669327624&ga_hid=902541557&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531705%2C44774652%2C21066431&oid=2&pvsid=1107965758337522&tmod=2104723676&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=momo.banksieutoc.one
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://momo.banksieutoc.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 22:07:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
boxicons.woff
banksieutoc.one/assets/fonts/
0
0

script.js
api.inetstatic.com/tracking/
200 B
767 B
Script
General
Full URL
https://api.inetstatic.com/tracking/script.js?referrer=https://momo.banksieutoc.one/
Requested by
Host: banksieutoc.one
URL: https://banksieutoc.one/assets/js/jquery-2.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.20.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.21
Resource Hash
82843a2293143c619a79d6a8d700e57fb72ea730d56cb5fa8a7cc0ca5bc90c89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.21
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://momo.banksieutoc.one
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aezoiV%2BnL9gSE3BHo%2B14KTK%2Bkc44vVgmZC1do8ZGscEW0kqCbxOwDsDYjgqjrqxUDg%2BytckXo3pXi%2FcM2ayy9ovMSaB9x8NOkfy2oi8jua9KWY3hjtqAvhpDEFcGXfzKKJGINLE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
76f574982cd89048-FRA
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
boxicons.ttf
banksieutoc.one/assets/fonts/
0
0

sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=momo.banksieutoc.one
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1da9a621c3be5ef6854e41af01661f9162c9fe4276c4040a1c2ab41988ebb15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11258
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=momo.banksieutoc.one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 22:07:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BA99
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://momo.banksieutoc.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 21:33:14 GMT
expires
Fri, 24 Nov 2023 21:33:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9B96
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03f70763565120fc42d375b0540981fca0b62ec1de04d806111c7e429ee47eae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8CMNtp05CgVPXEwqyIE8Qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://momo.banksieutoc.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-8CMNtp05CgVPXEwqyIE8Qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 22:07:07 GMT
expires
Thu, 24 Nov 2022 22:07:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame BA99
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 18:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 18:11:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9B96
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1107965758337522&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame BA99
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?_XeXtQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:07:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1107965758337522&bg=!AQKlAkbNAAbvMpMzzzI7ACkAdvg8WsrY0_EK3-oCAMUCGw77urFL9CKe_VmONZqqaSHrEKmk_VtS1wIAAABkUgAAAARoAQcKABE_wSNeBRSmzlBcZGTUsSNZpZkCvkc5u6-dsHk9DS1ZjUfRjH6U_RjO8UkCSKGJ0oEcx0yMZUG3xkS0UXJVQgEAXgxipL4vKCamySN3cm7PUTc-jPpfPyg_Cmw40Vii829g3pkIjdjFfDMYJHx_hpVBVd1hVrRGXi88St45nQDS-IkXqQeLn6FdP97s6PIzWnTIaYQEaN_dYVj5BUT0D5d1oDgaqRb_kPMh_XXwQ4HqKozizmf_9JNje6tcKJQx46tlBkaDiHoSqS5U-N-Nvb3u3cBAqtuDgVr7hpY_gQseuye97GFBxEyFQca6qt8xO_jf2FDDMOasRBS9EZUNCfJGvwe4RnniNvdOsVigV89TNxDAOrTXF0K0iNYH2lGc6xE9eyAPTC6Lj3xN1cl9-_WHiHzVubVvKUfZQOHG_plouk38XjWwC9VauqL6s_QkB_OkCn8QDeW0YmG7YnFpeZ6LdfPMg1ySWMpWhSWOlQKZAyNNdArAruP90P_eNqv_namYbyHLvmCT6Z-NjD2kVAXL-EIdFTZvJjxmPvLYXaY4BxoDKkvgCAxjt0O8CzBbEzYmdkInb0B1jDEDXwwAuYduHTcoVIObDypdwi2UIbRYWDs_DsNct45xktJxschLfMtiancegtYWbKClqmKF9GTTvDMVE-YjJ-szDC3UfMhp93-zIEeLcT9ND9JIozS76bH4lhdSzFx59db2do4lXixH3nfxwz0MRl9JzhMpfYPpaThK4YZ7Pg8GLD0QwFCMv4BawsH4a9alH3tBz6RFRe9KO7nC3QYS__XOoTVplzxMUlEMRX191B3Bi_-rincPhtjpmKVkHRiA1m2EvzxPKwFvUI_V9E39U0aRvhu89mJ9buAnuHJj3Yrbt-m2ueGLdoPom9j4gKYn2-FfiwFxkVEkXs6jbfMqSDQOXNOeg3skUum-QpDCFhWPnuxENLf0qJjLcA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://momo.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
banksieutoc.one
URL
https://banksieutoc.one/assets/fonts/boxicons.woff2
Domain
banksieutoc.one
URL
https://banksieutoc.one/assets/fonts/boxicons.woff
Domain
banksieutoc.one
URL
https://banksieutoc.one/assets/fonts/boxicons.ttf

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| Cookies function| setImmediate function| clearImmediate function| swal function| sweetAlert function| muarandom function| muanick object| Wilq32 object| theToggle function| hasClass function| addClass function| removeClass function| toggleClass function| copyToClipboard object| modal object| btn object| span object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| Tab function| activeTab function| buyRandom function| buykc function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| r string| t object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
momo.banksieutoc.one/ Name: PHPSESSID
Value: 29428639283ddabda1a34dca7d2aaf2c
momo.banksieutoc.one/ Name: PHPREFS
Value: full
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.banksieutoc.one/ Name: __gads
Value: ID=f83f17e1d9e92d89-22ad7ad17ed70070:T=1669327624:RT=1669327624:S=ALNI_MZusJPXTkHdpIsLEOkFz4vFmiTqjw
.banksieutoc.one/ Name: __gpi
Value: UID=00000b86b89a190a:T=1669327624:RT=1669327624:S=ALNI_MbZ3CHALZU0PfyPN7wU4TJ75xMjZg

7 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4796296997108553&output=html&adk=1812271804&adf=3025194257&lmt=1669327624&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmomo.banksieutoc.one%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669327624165&bpp=2&bdt=937&idt=281&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6625280765269&frm=20&pv=2&ga_vid=665865320.1669327624&ga_sid=1669327624&ga_hid=902541557&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531705%2C44774652%2C21066431&oid=2&pvsid=1107965758337522&tmod=2104723676&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://momo.banksieutoc.one/
Message:
Access to font at 'https://banksieutoc.one/assets/fonts/boxicons.woff2' from origin 'https://momo.banksieutoc.one' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banksieutoc.one/assets/fonts/boxicons.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://momo.banksieutoc.one/
Message:
Access to font at 'https://banksieutoc.one/assets/fonts/boxicons.woff' from origin 'https://momo.banksieutoc.one' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banksieutoc.one/assets/fonts/boxicons.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://momo.banksieutoc.one/
Message:
Access to font at 'https://banksieutoc.one/assets/fonts/boxicons.ttf' from origin 'https://momo.banksieutoc.one' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banksieutoc.one/assets/fonts/boxicons.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
