urlscan.io logo urlscan.io
SecurityTrails logo

dddbcb7dba.nxcli.net Open in urlscan Pro
209.87.149.21  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://iimahmedabad.questionpro.com/t/ASmBAZ0jhy
Effective URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Submission: On November 16 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 82 HTTP transactions. The main IP is 209.87.149.21, located in United States and belongs to NEXCESS-NET, US. The main domain is dddbcb7dba.nxcli.net.
This is the only time dddbcb7dba.nxcli.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

IP Address AS Autonomous System
1 33 2606:4700:11:... 13335 (CLOUDFLAR...)
1 34 209.87.149.21 36444 (NEXCESS-NET)
10 2600:1901:0:c... 396982 (GOOGLE-CL...)
1 2600:1901:0:5... 15169 (GOOGLE)
82 5
Apex Domain
Subdomains		 Transfer
34 nxcli.net
dddbcb7dba.nxcli.net
1 MB
33 questionpro.com
iimahmedabad.questionpro.com
cdn.questionpro.com — Cisco Umbrella Rank: 121745
429 KB
11 usercentrics.eu
api.usercentrics.eu — Cisco Umbrella Rank: 8580
app.usercentrics.eu — Cisco Umbrella Rank: 10417
12 KB
82 3
Domain Requested by
34 dddbcb7dba.nxcli.net 1 redirects iimahmedabad.questionpro.com
dddbcb7dba.nxcli.net
29 iimahmedabad.questionpro.com 1 redirects iimahmedabad.questionpro.com
10 api.usercentrics.eu dddbcb7dba.nxcli.net
4 cdn.questionpro.com iimahmedabad.questionpro.com
1 app.usercentrics.eu
82 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-24 -
2024-04-23		 a year crt.sh
api.usercentrics.eu
GTS CA 1D4		 2023-10-06 -
2024-01-04		 3 months crt.sh
app.usercentrics.eu
GTS CA 1D4		 2023-10-08 -
2024-01-06		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://dddbcb7dba.nxcli.net/diba/meiingde/
Frame ID: 299EE216C32404EF5B00246F1536BB25
Requests: 58 HTTP requests in this frame

Frame: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/cross-domain-bridge.html
Frame ID: DB0520A6394AE71604C883032C757503
Requests: 1 HTTP requests in this frame

Frame: http://dddbcb7dba.nxcli.net/diba/meiingde/
Frame ID: 075DAA31C12846038BD57FC853F1E844
Requests: 16 HTTP requests in this frame

Frame: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/cross-domain-bridge.html
Frame ID: 811A8CDB02A9BC745AC2447D2FA12698
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ING Login

Page URL History Show full URLs

  1. https://iimahmedabad.questionpro.com/t/ASmBAZ0jhy HTTP 302
    https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D Page URL
  2. https://dddbcb7dba.nxcli.net/diba/meiingde HTTP 301
    http://dddbcb7dba.nxcli.net/diba/meiingde/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

82
Requests

52 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

5
IPs

1
Countries

1584 kB
Transfer

7878 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://iimahmedabad.questionpro.com/t/ASmBAZ0jhy HTTP 302
    https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D Page URL
  2. https://dddbcb7dba.nxcli.net/diba/meiingde HTTP 301
    http://dddbcb7dba.nxcli.net/diba/meiingde/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://iimahmedabad.questionpro.com/t/ASmBAZ0jhy HTTP 302
  • https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
TakeSurvey
iimahmedabad.questionpro.com/a/
Redirect Chain
  • https://iimahmedabad.questionpro.com/t/ASmBAZ0jhy
  • https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
49 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1273c9f5583d1718d6c7330ec0e3c3c9147877c2a1ebfcaba37185966cfa82a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
amp-access-control-allow-source-origin
*
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
8270422b6f029156-FRA
content-encoding
br
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 14:00:08 GMT
p3p
policyref="https://www.questionpro.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
amp-access-control-allow-source-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
82704227dba69156-FRA
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 14:00:08 GMT
expires
Thu, 01 Dec 1994 16:00:00 GMT
location
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
bootstrap.min.css
cdn.questionpro.com/stylesheets/2021/bootstrap/3.4.1/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.questionpro.com/stylesheets/2021/bootstrap/3.4.1/css/bootstrap.min.css?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c28eb8900abce3c478234e62390838556d839c10b7073b2ba42bcbae20d6e2fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
5118
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
x-xss-protection
1;mode=block
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:35 GMT
server
cloudflare
etag
W/"6555da6f-1da44"
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
vary
Accept-Encoding
cf-ray
8270422f4ad39156-FRA
access-control-allow-headers
*
font-awesome.min.css
cdn.questionpro.com/stylesheets/2021/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.questionpro.com/stylesheets/2021/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
x-xss-protection
1;mode=block
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:35 GMT
server
cloudflare
etag
W/"6555da6f-7918"
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
private
vary
Accept-Encoding
cf-ray
8270422f4ad09156-FRA
access-control-allow-headers
*
bootstrap-toggle.min.css
iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/ 		2 KB
564 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/bootstrap-toggle.min.css?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3597e97ae646db56c9505e3e19aba479e767510f98ce96411425ea1d21ec9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:35 GMT
server
cloudflare
etag
W/"6555da6f-636"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8270422f3ac39156-FRA
access-control-allow-headers
*
take-survey-fonts.css
iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/take-survey-fonts.css?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1288d80f3aa27b6baa56721935a231c454bed758b8141329e3351e24f0ff55f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=29775
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:35 GMT
server
cloudflare
etag
W/"6555da6f-744f"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8270422f3ac69156-FRA
access-control-allow-headers
*
take-survey-common.css
iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/ 		556 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/take-survey-common.css?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce48ac6e5786d6ab967fb2c675ce596253d262ad5c8f349c4c0dc3251420ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=631294
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:35 GMT
server
cloudflare
etag
W/"6555da6f-9a1fe"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8270422f3ac79156-FRA
access-control-allow-headers
*
theme-0a86ea.css
iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/ 		96 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/theme-0a86ea.css?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb45cd45e8bd49bc276e1a15587cc731255a877249c91b92e1da71b5db1655d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=106438
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:35 GMT
server
cloudflare
etag
W/"6555da6f-19fc6"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8270422f3ac89156-FRA
access-control-allow-headers
*
jstz.min.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/jstz.min.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-2f2c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
827042306c1a9156-FRA
access-control-allow-headers
*
moment.min.js
cdn.questionpro.com/javascript/2021/2.29.4-moment/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.questionpro.com/javascript/2021/2.29.4-moment/moment.min.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3abec75692735d0664a10337b1403620f8edf2b4cb4b9fc5216dea2e623b1f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
5119
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
x-xss-protection
1;mode=block
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-e2d0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
vary
Accept-Encoding
cf-ray
827042306c1c9156-FRA
access-control-allow-headers
*
momentTimezoneData.min.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		842 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/momentTimezoneData.min.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe0258215c48485f5a356fef424c8f6b7ac5f307eef099f4c660c4880ab06b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-d2681"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
827042306c1d9156-FRA
access-control-allow-headers
*
jquery-3.6.4.min.js
cdn.questionpro.com/javascript/2021/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.questionpro.com/javascript/2021/jquery-3.6.4.min.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
x-xss-protection
1;mode=block
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-15ec3"
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
private
vary
Accept-Encoding
cf-ray
827042306c1e9156-FRA
access-control-allow-headers
*
jquery-ui.js
iimahmedabad.questionpro.com/javascript/2021/jquery-ui-1.13.0/ 		332 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/2021/jquery-ui-1.13.0/jquery-ui.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173c9f9589afb346c1f4929c342e2bda4fffbb2b3846653c72bef17cc4c33639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
cf-polished
origSize=528830
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-811be"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
827042306c1f9156-FRA
access-control-allow-headers
*
showHideQuestion.js
iimahmedabad.questionpro.com/javascript/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/showHideQuestion.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf59594bbc6afe9153404587c12135c761be2ca22af62b5f18a66e5ce193ec9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
cf-polished
origSize=4256
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-10a0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
827042306c209156-FRA
access-control-allow-headers
*
waiting.gif
iimahmedabad.questionpro.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iimahmedabad.questionpro.com/images/waiting.gif
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
583851d6ef6f92b79ad7831f8981e11d3f685541134e9507a4ce046673a0332e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
290
cf-polished
origSize=5571
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
content-length
3239
amp-access-control-allow-source-origin
*
cf-bgj
imgq:100,h2pri
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
"6555da6e-15c3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
827042313ce99156-FRA
access-control-allow-headers
*
bootstrap.min.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/bootstrap.min.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-9b00"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd699156-FRA
access-control-allow-headers
*
bootstrap-select.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/bootstrap-select.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=71734
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-11836"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd709156-FRA
access-control-allow-headers
*
jquery.ui.touch-punch.min.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		2 KB
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/jquery.ui.touch-punch.min.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-660"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd739156-FRA
access-control-allow-headers
*
jquery.history.js
iimahmedabad.questionpro.com/javascript/appnavigation/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/appnavigation/jquery.history.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-5991"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd749156-FRA
access-control-allow-headers
*
util-tooltipster.js
iimahmedabad.questionpro.com/javascript/2016/utilJS/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/2016/utilJS/util-tooltipster.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=119776
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-1d3e0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd769156-FRA
access-control-allow-headers
*
take-survey-common.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/take-survey-common.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
cf-polished
origSize=9211
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-23fb"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd779156-FRA
access-control-allow-headers
*
defaultInteractivityBinding.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/defaultInteractivityBinding.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
664
cf-polished
origSize=27483
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-6b5b"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd789156-FRA
access-control-allow-headers
*
questionType.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/questionType.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
cf-polished
origSize=8397
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-20cd"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd799156-FRA
access-control-allow-headers
*
validate-survey.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		148 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/validate-survey.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=229516
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-3808c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd7a9156-FRA
access-control-allow-headers
*
sectionDisplayScript.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		147 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/sectionDisplayScript.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=223409
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-368b1"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd7c9156-FRA
access-control-allow-headers
*
javaScriptEngine.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/javaScriptEngine.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=16292
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-3fa4"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd7e9156-FRA
access-control-allow-headers
*
position-calculator.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/position-calculator.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=29026
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-7162"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd7f9156-FRA
access-control-allow-headers
*
flowplayer.min.js
iimahmedabad.questionpro.com/javascript/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/flowplayer.min.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-8b30"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd809156-FRA
access-control-allow-headers
*
jquery-input-mask-phone-number.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		2 KB
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/jquery-input-mask-phone-number.js
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
662
cf-polished
origSize=2897
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-b51"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231dd819156-FRA
access-control-allow-headers
*
spam-abuse.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/spam-abuse.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
289
cf-polished
origSize=9462
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-24f6"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231fd8f9156-FRA
access-control-allow-headers
*
focus-visible.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/focus-visible.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
290
cf-polished
origSize=5825
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-16c1"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231fd909156-FRA
access-control-allow-headers
*
interactiveSurvey.js
iimahmedabad.questionpro.com/javascript/takesurvey/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/javascript/takesurvey/interactiveSurvey.js?version=94.2.0
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
661
cf-polished
origSize=53009
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
amp-access-control-allow-source-origin
*
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 09:01:34 GMT
server
cloudflare
etag
W/"6555da6e-cf11"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
82704231fd929156-FRA
access-control-allow-headers
*
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/fonts/fira-sans-font/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/fonts/fira-sans-font/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/take-survey-fonts.css?version=94.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://iimahmedabad.questionpro.com/stylesheets/2016/takesurvey/take-survey-fonts.css?version=94.2.0
Origin
https://iimahmedabad.questionpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy-report-only
default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval' ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri /csp-violation-report-endpoint/
content-length
21244
amp-access-control-allow-source-origin
*
last-modified
Thu, 16 Nov 2023 09:01:35 GMT
server
cloudflare
etag
"6555da6f-52fc"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
827042320da49156-FRA
access-control-allow-headers
*
Primary Request /
dddbcb7dba.nxcli.net/diba/meiingde/
Redirect Chain
  • https://dddbcb7dba.nxcli.net/diba/meiingde
  • http://dddbcb7dba.nxcli.net/diba/meiingde/
31 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/
Requested by
Host: iimahmedabad.questionpro.com
URL: https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
0bf31d39c92ed2f8ff84d06b9093e4433537305908b0a00483b0881c90b5e0be

Request headers

Referer
https://iimahmedabad.questionpro.com/a/TakeSurvey?tt=rdyHM9wo2GwECHrPeIW9eQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 14:00:10 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-NxAccel
BYPASS

Redirect headers

content-length
250
content-type
text/html; charset=iso-8859-1
date
Thu, 16 Nov 2023 14:00:09 GMT
location
http://dddbcb7dba.nxcli.net/diba/meiingde/
server
nginx
x-cache-nxaccel
BYPASS
icomoon.ttf
iimahmedabad.questionpro.com/stylesheets/2016/smiley-fonts/ 		0
0
icomoon.woff
iimahmedabad.questionpro.com/stylesheets/2016/smiley-fonts/ 		0
0
BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		1 KB
759 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
963713702294c12c60ee25875eac53286b39cd67cadbdd27fe7048444cab82bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:32 GMT
Server
nginx
ETag
W/"418-60a44f44ce878"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache-NxAccel
STALE
Connection
keep-alive
bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/ 		1 MB
125 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
ec3d14f088762e97409ac90dcd556d1e2f6a6453abe877ead9b3fb5cc89c7915

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:26:09 GMT
Server
nginx
ETag
W/"1163ff-60a44f67ae415"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache-NxAccel
STALE
Connection
keep-alive
qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
9d0ce0dd87e2d9bc4171914be7b288f8388ce7c26dc58e0a465a82760e899914

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:36 GMT
Server
nginx
ETag
W/"7df-60a44f4818534"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Cache-NxAccel
STALE
Connection
keep-alive
qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Last-Modified
Thu, 16 Nov 2023 13:25:37 GMT
Server
nginx
ETag
"af26-60a44f497a543"
X-Cache-NxAccel
STALE
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44838
jquery-3.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/jquery-3.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:35 GMT
Server
nginx
ETag
W/"15d84-60a44f474b3f5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
STALE
Connection
keep-alive
wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
01c98d0b42ebc6e82182aa60eef96a377a82208b0a5c34f3cae929751276b5fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:39 GMT
Server
nginx
ETag
W/"6a9e-60a44f4aaa48a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
STALE
Connection
keep-alive
busy-ver-C331575AF308054F00673A92BCB41217.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/busy-ver-C331575AF308054F00673A92BCB41217.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
ea47d1594eeaa7bfbe092e4e38a5203b16737f17f87a8fdd6a79cd3fc63dab1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:32 GMT
Server
nginx
ETag
W/"1bcc-60a44f447bc40"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
STALE
Connection
keep-alive
main.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		420 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
bc872a6a4c9a3d0c34a7f387b930bca9353c96037a25b7dc82955c461ee45345

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:37 GMT
Server
nginx
ETag
W/"68f12-60a44f48d317c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
STALE
Connection
keep-alive
webtrekk_v4.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/webtrekk_v4.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
b5830f800a89c19deb7763881cabba52e7b617ea74b983aa4f8a95bb06b83454

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:39 GMT
Server
nginx
ETag
W/"fbd1-60a44f4ae59c2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
STALE
Connection
keep-alive
bundle.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		619 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/bundle.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
3b513c80e1570b67f86e93227a47ef058ff7ecb5a0254df411d14e3c7be81603

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:31 GMT
Server
nginx
ETag
W/"9ade5-60a44f43a8189"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
STALE
Connection
keep-alive
SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ 		103 B
398 B 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
73a5f7c390a84dd606e6211a774af311bc3ce5be35ec6bba7f23ad591bc46a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:10 GMT
Last-Modified
Thu, 16 Nov 2023 13:25:38 GMT
Server
nginx
ETag
"67-60a44f49a1643"
Vary
Accept-Encoding
X-Cache-NxAccel
STALE
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103
ING_Deutschland_NoClaim.svg
dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/images/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/images/ING_Deutschland_NoClaim.svg
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:26:25 GMT
Server
nginx
ETag
W/"3f1d-60a44f76bd79e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Cache-NxAccel
STALE
Connection
keep-alive
INGMeWeb-Bold.html
dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfo... 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Bold.html
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
ab03c9e735ac9f1ccdeb350a42df96c5e53df2b535bd427491a4d820565c4076

Request headers

Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Origin
http://dddbcb7dba.nxcli.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:27:23 GMT
Server
nginx
ETag
W/"76f8-60a44fae96950"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
X-Cache-NxAccel
BYPASS
Connection
keep-alive
INGMeWeb-Regular.html
dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfo... 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Regular.html
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
3fc18c3d98c4245afbb3d987be0fc53041681dfcd5903381fe34179048c2a520

Request headers

Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Origin
http://dddbcb7dba.nxcli.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:27:27 GMT
Server
nginx
ETag
W/"73b0-60a44fb19a4f5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
X-Cache-NxAccel
BYPASS
Connection
keep-alive
icons.woff
dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfo... 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/icons.woff
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8

Request headers

Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Origin
http://dddbcb7dba.nxcli.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:11 GMT
Last-Modified
Thu, 16 Nov 2023 13:27:23 GMT
Server
nginx
ETag
"7e28-60a44fae5f680"
X-Cache-NxAccel
STALE
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32296
dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/ 		39 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/bundle.js
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
ba25ee94778b8424fc21560e8868a2e401417654fd0cb4735d8e9365a561faad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<https://stargrafixmarketing.com/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/ 		39 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/bundle.js
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
ba25ee94778b8424fc21560e8868a2e401417654fd0cb4735d8e9365a561faad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<https://stargrafixmarketing.com/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
cross-domain-bridge.html
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame DB05 		6 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/cross-domain-bridge.html
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
08ca3eb2d56d2ac4730bcd56fc57fb2d0a661489d16eb3a408232dc70fa02cd0

Request headers

Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 16 Nov 2023 14:00:11 GMT
ETag
W/"1988-60a44f454cbff"
Last-Modified
Thu, 16 Nov 2023 13:25:33 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-NxAccel
BYPASS
languages.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ 		61 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
http://dddbcb7dba.nxcli.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Thu, 16 Nov 2023 14:00:11 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPr2xqvYjcFQbRUY0AIHgVq7WO-XVh8Ewgios7YM771tdKGHylKFx4B_xZEh44sHlQ7_2xiUSb1ESJ9bep2MhNRULTYNDgf6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
last-modified
Mon, 30 Oct 2023 14:22:59 GMT
server
UploadServer
etag
"da13a9b5363ff28c20e52e67131f24fd"
vary
Accept-Encoding
x-goog-generation
1698675778898309
x-goog-hash
crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
67
accept-ranges
bytes
content-type
application/json
expires
Thu, 16 Nov 2023 14:01:11 GMT
languages.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://dddbcb7dba.nxcli.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 14:00:11 GMT
expires
Thu, 16 Nov 2023 14:00:11 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPpCHIGD8XPpaFd48PWJfKxxt71EtYqLkM27zjmfhxjvT_CkxVYHEyVZYUsDOZSSS3mlc_ryBRQc9rsJmlMqJoniNw
dps-de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ 		4 KB
933 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
450201162b5498e25b85847493129166145f19fd9defe37f173e7ddc161e922b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
http://dddbcb7dba.nxcli.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Thu, 16 Nov 2023 14:00:11 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPqrzABaDAZiAHbeLc13PQGm2DELYSFjbMS9puAs0ZSk7BnUvK4urswVAM975X91hqcX3dGSCOiFHL-gLvypMGAt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
900
last-modified
Mon, 30 Oct 2023 14:22:58 GMT
server
UploadServer
etag
"7a3911cf843a9be28e729a02d27c2bdb"
vary
Accept-Encoding
x-goog-generation
1698675778872805
x-goog-hash
crc32c=bruZ1w==, md5=ejkRz4Q6m+KOcpoC0nwr2w==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
900
accept-ranges
bytes
content-type
application/json
expires
Thu, 16 Nov 2023 14:01:11 GMT
dps-de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://dddbcb7dba.nxcli.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 14:00:11 GMT
expires
Thu, 16 Nov 2023 14:00:11 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPon7COIk7ogtpN51VMwZM4gTGJ2vTSFEGggqsvbMqBmmHO2V5eW2v5UO0fU2046Y8h1Zmnwy3Wxk61IjS0Ep_N1d23uYB4h
core.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ 		1 KB
751 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a17b48be59feaefd530ce7dfb8e1acbab6cef585b914a445690be0239ee97bcc
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
http://dddbcb7dba.nxcli.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Thu, 16 Nov 2023 14:00:04 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
7
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPqIQT0owf4ViUZ5LCVdbfNQN2fPBp-BnhCL__Ba1s_xUIhKFpW51mhM3N7mUu2Qnq4nWWrySVX2AymXarS_PYYR3cK3D8jB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
718
last-modified
Mon, 30 Oct 2023 14:22:58 GMT
server
UploadServer
etag
"23da3d6cfe5af81191f4d90571725e63"
vary
Accept-Encoding
x-goog-generation
1698675778870672
x-goog-hash
crc32c=Itrn6g==, md5=I9o9bP5a+BGR9NkFcXJeYw==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
718
accept-ranges
bytes
content-type
application/json
expires
Thu, 16 Nov 2023 14:01:04 GMT
core.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://dddbcb7dba.nxcli.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 14:00:11 GMT
expires
Thu, 16 Nov 2023 14:00:11 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPodlu4aREcyD0DmBmyQ7CfOglCYGD0O-g3jIw5TcDk6LUqmWck6wXYU6m2lMRnJYJXLn8yvkGgCzQC_W0YBUrGr
/
dddbcb7dba.nxcli.net/diba/meiingde/ Frame 075D 		31 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
0bf31d39c92ed2f8ff84d06b9093e4433537305908b0a00483b0881c90b5e0be

Request headers

Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 14:00:11 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-NxAccel
BYPASS
BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		1 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
963713702294c12c60ee25875eac53286b39cd67cadbdd27fe7048444cab82bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:32 GMT
Server
nginx
ETag
W/"418-60a44f44ce878"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache-NxAccel
HIT
Connection
keep-alive
bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/ Frame 075D 		1 MB
125 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
ec3d14f088762e97409ac90dcd556d1e2f6a6453abe877ead9b3fb5cc89c7915

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:26:09 GMT
Server
nginx
ETag
W/"1163ff-60a44f67ae415"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache-NxAccel
HIT
Connection
keep-alive
qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
9d0ce0dd87e2d9bc4171914be7b288f8388ce7c26dc58e0a465a82760e899914

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:36 GMT
Server
nginx
ETag
W/"7df-60a44f4818534"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Cache-NxAccel
HIT
Connection
keep-alive
qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Last-Modified
Thu, 16 Nov 2023 13:25:37 GMT
Server
nginx
ETag
"af26-60a44f497a543"
X-Cache-NxAccel
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44838
jquery-3.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/jquery-3.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:35 GMT
Server
nginx
ETag
W/"15d84-60a44f474b3f5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
HIT
Connection
keep-alive
wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
01c98d0b42ebc6e82182aa60eef96a377a82208b0a5c34f3cae929751276b5fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:39 GMT
Server
nginx
ETag
W/"6a9e-60a44f4aaa48a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
HIT
Connection
keep-alive
busy-ver-C331575AF308054F00673A92BCB41217.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/busy-ver-C331575AF308054F00673A92BCB41217.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
ea47d1594eeaa7bfbe092e4e38a5203b16737f17f87a8fdd6a79cd3fc63dab1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:32 GMT
Server
nginx
ETag
W/"1bcc-60a44f447bc40"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
HIT
Connection
keep-alive
main.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		420 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
bc872a6a4c9a3d0c34a7f387b930bca9353c96037a25b7dc82955c461ee45345

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:37 GMT
Server
nginx
ETag
W/"68f12-60a44f48d317c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
HIT
Connection
keep-alive
webtrekk_v4.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/webtrekk_v4.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
b5830f800a89c19deb7763881cabba52e7b617ea74b983aa4f8a95bb06b83454

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:39 GMT
Server
nginx
ETag
W/"fbd1-60a44f4ae59c2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
HIT
Connection
keep-alive
bundle.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		619 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/bundle.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
3b513c80e1570b67f86e93227a47ef058ff7ecb5a0254df411d14e3c7be81603

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 13:25:31 GMT
Server
nginx
ETag
W/"9ade5-60a44f43a8189"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache-NxAccel
HIT
Connection
keep-alive
SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 075D 		103 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
73a5f7c390a84dd606e6211a774af311bc3ce5be35ec6bba7f23ad591bc46a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:12 GMT
Last-Modified
Thu, 16 Nov 2023 13:25:38 GMT
Server
nginx
ETag
"67-60a44f49a1643"
Vary
Accept-Encoding
X-Cache-NxAccel
HIT
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103
languages.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://dddbcb7dba.nxcli.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 14:00:12 GMT
expires
Thu, 16 Nov 2023 14:00:12 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPoAUXPAgJ2fLAZt26CyMe7DAhFjj_SxOnIA_VRJIWf5uNVLQObAU-tPRPsJNm8DlR9rLx2ybPZxuS2b1L9pVe8J85BAgxYF
languages.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 075D 		61 B
100 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
http://dddbcb7dba.nxcli.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Thu, 16 Nov 2023 14:00:12 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPr7N8MEHXFOSNB2xnPv4JSCsk-TqtbDeVuNmzSrJf4QNstyeI3NhGDgwf9SKzN6IKGdSFgrO8blAULrfWb0Hg-tFL1J0K6X
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
last-modified
Mon, 30 Oct 2023 14:22:59 GMT
server
UploadServer
etag
"da13a9b5363ff28c20e52e67131f24fd"
vary
Accept-Encoding
x-goog-generation
1698675778898309
x-goog-hash
crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
67
accept-ranges
bytes
content-type
application/json
expires
Thu, 16 Nov 2023 14:01:12 GMT
dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/ Frame 075D 		0
0
dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/ Frame 075D 		0
0
cross-domain-bridge.html
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/ Frame 811A 		6 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/cross-domain-bridge.html
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
08ca3eb2d56d2ac4730bcd56fc57fb2d0a661489d16eb3a408232dc70fa02cd0

Request headers

Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 16 Nov 2023 14:00:12 GMT
ETag
W/"1988-60a44f454cbff"
Last-Modified
Thu, 16 Nov 2023 13:25:33 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-NxAccel
BYPASS
dps-de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 075D 		0
0
dps-de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 		0
0
de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://dddbcb7dba.nxcli.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 14:00:12 GMT
expires
Thu, 16 Nov 2023 14:00:12 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPo0jLbQsDcWF47HbKLYJc95cli-rnSUV7gJuVDHUipmK5n3SC2LIfUt0ktal75tOveJux8W_6yPrPyvygBINGCZEXI9zbY0
1px.png
app.usercentrics.eu/session/ 		489 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=oAoDY7kHB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:52:05 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
487
x-guploader-uploadid
ABPtcPr3bd126p4YXNr6RXK90YpRoWWy0aPf0tqme-p6XFirkTL03UKtKSI4Q1D5YssRnN3DmCCK3n7uzLDsxR_KRc_3nHW3_Uh0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Thu, 16 Nov 2023 14:22:05 GMT
de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ 		28 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/de.json
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3a33fd4d78067c1a2f4e957d89ef9393345d2b1580b89c6bc15a2a6c39c1cc0d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
http://dddbcb7dba.nxcli.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Thu, 16 Nov 2023 14:00:04 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
8
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ABPtcPrORjcqyyzP6XukvbPn3Y71TAXYJBJbPLUa3TIecBI-SPE-lmtZsKul70sLXmlexS00x0WhNLV66xpH1UteCnBZpw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8506
last-modified
Mon, 30 Oct 2023 14:22:58 GMT
server
UploadServer
etag
"6b0157dd50eaadec0769494ab20e0039"
vary
Accept-Encoding
x-goog-generation
1698675778896235
x-goog-hash
crc32c=acbP8g==, md5=awFX3VDqrewHaUlKsg4AOQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
8506
accept-ranges
bytes
content-type
application/json
expires
Thu, 16 Nov 2023 14:01:04 GMT
7963.js
dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/chunks/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/chunks/7963.js
Requested by
Host: dddbcb7dba.nxcli.net
URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/main.js
Protocol
HTTP/1.1
Server
209.87.149.21 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-2841072.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dddbcb7dba.nxcli.net/diba/meiingde/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 14:00:14 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<https://stargrafixmarketing.com/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
iimahmedabad.questionpro.com
URL
https://iimahmedabad.questionpro.com/stylesheets/2016/smiley-fonts/icomoon.ttf?p1x754&version=91.4.3
Domain
iimahmedabad.questionpro.com
URL
https://iimahmedabad.questionpro.com/stylesheets/2016/smiley-fonts/icomoon.woff?p1x754&version=91.4.3
Domain
dddbcb7dba.nxcli.net
URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
Domain
dddbcb7dba.nxcli.net
URL
http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
Domain
api.usercentrics.eu
URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json
Domain
api.usercentrics.eu
URL
https://api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| Wicket object| RequestBlocker object| UC_UI_DOMAINS undefined| wts undefined| wt_safetagConfig object| webtrekkUnloadObjects object| webtrekkLinktrackObjects object| webtrekkHeatmapObjects function| WebtrekkV3 function| webtrekkV3 object| regeneratorRuntime object| picturefillCFG function| picturefill function| getBreakpoint function| Hammer object| WebTrekk object| DiBa object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| diba object| wt object| webpackChunking_feat_cookie_consent_de function| JSCompiler_renameProperty function| __import__

4 Cookies

Domain/Path Name / Value
iimahmedabad.questionpro.com/a Name: run
Value: 0af3a20f5f908074376b50ec7a646787
iimahmedabad.questionpro.com/ Name: JSESSIONID
Value: caaDvYQT8yp3Zh0By9xVy
.questionpro.com/ Name: siteRef
Value: 4223396
cdn.questionpro.com/ Name: QPSTATIC
Value: static|ZVYgb

3 Console Messages

Source Level URL
Text
network error URL: http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://dddbcb7dba.nxcli.net/diba/meiingde/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://dddbcb7dba.nxcli.net/diba/meiingde/ING%20Login_fichiers/chunks/7963.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.usercentrics.eu
app.usercentrics.eu
cdn.questionpro.com
dddbcb7dba.nxcli.net
iimahmedabad.questionpro.com
api.usercentrics.eu
dddbcb7dba.nxcli.net
iimahmedabad.questionpro.com
209.87.149.21
2600:1901:0:5987::
2600:1901:0:c07c::
2606:4700:11::6817:8243
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
01c98d0b42ebc6e82182aa60eef96a377a82208b0a5c34f3cae929751276b5fa
08ca3eb2d56d2ac4730bcd56fc57fb2d0a661489d16eb3a408232dc70fa02cd0
0bf31d39c92ed2f8ff84d06b9093e4433537305908b0a00483b0881c90b5e0be
1273c9f5583d1718d6c7330ec0e3c3c9147877c2a1ebfcaba37185966cfa82a3
173c9f9589afb346c1f4929c342e2bda4fffbb2b3846653c72bef17cc4c33639
2eb45cd45e8bd49bc276e1a15587cc731255a877249c91b92e1da71b5db1655d
305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8
3a33fd4d78067c1a2f4e957d89ef9393345d2b1580b89c6bc15a2a6c39c1cc0d
3abec75692735d0664a10337b1403620f8edf2b4cb4b9fc5216dea2e623b1f34
3b513c80e1570b67f86e93227a47ef058ff7ecb5a0254df411d14e3c7be81603
3fc18c3d98c4245afbb3d987be0fc53041681dfcd5903381fe34179048c2a520
450201162b5498e25b85847493129166145f19fd9defe37f173e7ddc161e922b
583851d6ef6f92b79ad7831f8981e11d3f685541134e9507a4ce046673a0332e
5ce48ac6e5786d6ab967fb2c675ce596253d262ad5c8f349c4c0dc3251420ce0
73a5f7c390a84dd606e6211a774af311bc3ce5be35ec6bba7f23ad591bc46a11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fe0258215c48485f5a356fef424c8f6b7ac5f307eef099f4c660c4880ab06b3
963713702294c12c60ee25875eac53286b39cd67cadbdd27fe7048444cab82bb
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf
9d0ce0dd87e2d9bc4171914be7b288f8388ce7c26dc58e0a465a82760e899914
a17b48be59feaefd530ce7dfb8e1acbab6cef585b914a445690be0239ee97bcc
ab03c9e735ac9f1ccdeb350a42df96c5e53df2b535bd427491a4d820565c4076
ac3597e97ae646db56c9505e3e19aba479e767510f98ce96411425ea1d21ec9f
b5830f800a89c19deb7763881cabba52e7b617ea74b983aa4f8a95bb06b83454
ba25ee94778b8424fc21560e8868a2e401417654fd0cb4735d8e9365a561faad
baf59594bbc6afe9153404587c12135c761be2ca22af62b5f18a66e5ce193ec9
bc872a6a4c9a3d0c34a7f387b930bca9353c96037a25b7dc82955c461ee45345
c28eb8900abce3c478234e62390838556d839c10b7073b2ba42bcbae20d6e2fc
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
ea47d1594eeaa7bfbe092e4e38a5203b16737f17f87a8fdd6a79cd3fc63dab1a
ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273
ec3d14f088762e97409ac90dcd556d1e2f6a6453abe877ead9b3fb5cc89c7915
f1288d80f3aa27b6baa56721935a231c454bed758b8141329e3351e24f0ff55f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e