banking-online.org Open in urlscan Pro
2606:4700:3033::6815:375c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.banking-online-org.pfeilerfamily.com/
Effective URL:
https://banking-online.org/
Submission: On October 07 via automatic, source certstream-suspicious (October 7th 2021, 12:12:48 am UTC) — Scanned from DE

Summary HTTP 95 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 18 domains to perform 95 HTTP transactions. The main IP is 2606:4700:3033::6815:375c, located in United States and belongs to CLOUDFLARENET, US. The main domain is banking-online.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 13th 2020. Valid for: a year.

This is the only time banking-online.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.241.253.99 162.241.253.99	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
19	2606:4700:303... 2606:4700:3033::6815:375c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
12	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
18	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.213.35 52.222.213.35	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	192.229.220.58 192.229.220.58	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	52.46.135.132 52.46.135.132	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:7a00:1d:d7f6:39cf:a761	16509 (AMAZON-02) (AMAZON-02)
1	52.94.240.125 52.94.240.125	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	152.195.53.173 152.195.53.173	15133 (EDGECAST) (EDGECAST)
3	34.102.149.62 34.102.149.62	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
95	25

1 162.241.253.99 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5783.bluehost.com

www.banking-online-org.pfeilerfamily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3033::6815:375c (United States)

ASN13335 (CLOUDFLARENET, US)

banking-online.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.213.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-213-35.fra56.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.229.220.58 (United States)

ASN15133 (EDGECAST, US)

cdn.plus500.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.135.132 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:7a00:1d:d7f6:39cf:a761 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.240.125 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ir-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.53.173 (United States)

ASN15133 (EDGECAST, US)

marketools.plus500.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.149.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.149.102.34.bc.googleusercontent.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	media.net contextual.media.net lg3.media.net navvy.media.net	237 KB
19	banking-online.org banking-online.org	62 KB
15	wp.com c0.wp.com stats.wp.com pixel.wp.com i1.wp.com	309 KB
8	plus500.com cdn.plus500.com marketools.plus500.com	351 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	183 KB
4	doubleclick.net googleads.g.doubleclick.net	11 KB
4	google.com www.google.com adservice.google.com	2 KB
3	gstatic.com fonts.gstatic.com	90 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	amazon-adsystem.com 1 redirects z-na.amazon-adsystem.com ws-na.amazon-adsystem.com ir-na.amazon-adsystem.com	9 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	661 B
1	2mdn.net s0.2mdn.net	63 KB
1	media-amazon.com m.media-amazon.com	13 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	pfeilerfamily.com 1 redirects www.banking-online-org.pfeilerfamily.com	169 B
0	Failed function sub() { [native code] }. Failed
95	18

	Domain	Requested by
19	banking-online.org	banking-online.org
12	c0.wp.com	banking-online.org
10	contextual.media.net	banking-online.org contextual.media.net
8	lg3.media.net	banking-online.org contextual.media.net
6	cdn.plus500.com	banking-online.org cdn.plus500.com ajax.googleapis.com
6	pagead2.googlesyndication.com	banking-online.org pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	navvy.media.net	contextual.media.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.com	banking-online.org tpc.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	marketools.plus500.com	ajax.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	cdn.plus500.com
1	s0.2mdn.net	cdn.plus500.com
1	ir-na.amazon-adsystem.com	banking-online.org
1	m.media-amazon.com	banking-online.org
1	ws-na.amazon-adsystem.com	1 redirects
1	i1.wp.com	banking-online.org
1	pixel.wp.com	banking-online.org
1	stats.wp.com	banking-online.org
1	z-na.amazon-adsystem.com	banking-online.org
1	fonts.googleapis.com	banking-online.org
1	www.googletagmanager.com	banking-online.org
1	www.banking-online-org.pfeilerfamily.com	1 redirects
0	blank Failed	banking-online.org
95	29

This site contains links to these domains. Also see Links.

Domain
www.amazon.com
techeq.in
www.tecupdate.com
www.tecplac.com
el3zba.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-13` - `2021-11-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
z-na.amazon-adsystem.com Amazon	`2020-12-12` - `2022-01-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.plus500.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-19` - `2022-03-24`	a year	crt.sh
Images-na.ssl-images-amazon.com DigiCert Global CA G2	`2021-03-23` - `2022-03-22`	a year	crt.sh
www.assoc-amazon.ca Amazon	`2021-01-08` - `2022-01-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 14 frames:

Primary Page: https://banking-online.org/
Frame ID: 30CC46F199A53D9092EFAEECB0BF1BC0
Requests: 65 HTTP requests in this frame

Frame: https://cdn.plus500.com/Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2
Frame ID: 35E431BF087EDAD19569082168C87B11
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html
Frame ID: 81222133A568322BD9779EE605769FFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737634509213731&output=html&adk=1812271804&adf=3025194257&lmt=1633534332&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbanking-online.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562469&bpp=3&bdt=418&idt=137&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8729568983009&frm=20&pv=2&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160
Frame ID: 2C06D0A2A9F7EF9E2275B36C813727A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737634509213731&output=html&h=600&slotname=7796291165&adk=2089844442&adf=1381131413&pi=t.ma~as.7796291165&w=300&fwrn=4&fwrnh=100&lmt=1633534332&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fbanking-online.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562472&bpp=3&bdt=422&idt=165&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8729568983009&frm=20&pv=1&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1048&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BcOT2ZKxbG&p=https%3A//banking-online.org&dtd=171
Frame ID: 7498B37E24D7889698EFCCCC0674FECA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737634509213731&output=html&h=600&slotname=7796291165&adk=1146522665&adf=3903202538&pi=t.ma~as.7796291165&w=160&fwrn=4&fwrnh=100&lmt=1633534332&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fbanking-online.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562475&bpp=1&bdt=424&idt=196&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8729568983009&frm=20&pv=1&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=252&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NzXx2rZj3E&p=https%3A//banking-online.org&dtd=199
Frame ID: 85C13AAA9869052C74D792E690E92FA5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM
Frame ID: A464F14B8E2D473DC1A8436566793101
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM
Frame ID: 3B63DE0C5FA43195AA1A1BA91F360D26
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM
Frame ID: F31052A58982F6CE2012AF31A956F27A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV72800.js
Frame ID: 3F466644B536EEB50819A8F8E873A194
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV72800.js
Frame ID: B46907D123CD038A23E5535BA7C5AB48
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV72800.js
Frame ID: 338ECA4858EB2BA5338DDF4D6D50352C
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FA57EAEB0BC7492ED25ACB89CA02CA0A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED4DC206EC9E50CBC27FD096D5F91A52
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banking Online - #1 Online Banking Directory Resource

Page URL History Show full URLs

https://www.banking-online-org.pfeilerfamily.com/ HTTP 301
https://banking-online.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

95
Requests

98 %
HTTPS

54 %
IPv6

18
Domains

29
Subdomains

25
IPs

2
Countries

1421 kB
Transfer

2942 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com/How-Generate-Earn-Royalty-Income/dp/B085RPXFC7/ref=as_li_ss_il?_encoding=UTF8&qid=1585414129&sr=8-2&linkCode=li3&tag=lealuk-20&linkId=8fe49d72e88fdd56323cad4759c3d4f7&language=en_US
Title: <img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B085RPXFC7&Format=_SL250_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=lealuk-20&language=en_US" >

Search URL Search Domain Scan URL

URL: https://techeq.in/nbt-bank-online/
Title: Nbt bank online - TechEQ

Search URL Search Domain Scan URL

URL: https://www.tecupdate.com/nbt-online-banking-secure-login/
Title: Nbt Online Banking Secure Login - TECUPDATE

Search URL Search Domain Scan URL

URL: https://www.tecupdate.com/nbt-online-banker/
Title: Nbt Online Banker - Tecupdate

Search URL Search Domain Scan URL

URL: https://www.tecplac.com/regions-online-banking/
Title: Regions Online Banking Login | TECPLAC

Search URL Search Domain Scan URL

URL: https://el3zba.com/r-login/rabobank-personal-online-login/
Title: Rabobank personal online login

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.banking-online-org.pfeilerfamily.com/ HTTP 301
https://banking-online.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B085RPXFC7&Format=_SL250_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=lealuk-20&language=en_US HTTP 302
https://m.media-amazon.com/images/I/51eUGFXvAjL._SL250_.jpg

95 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
banking-online.org/
Redirect Chain

https://www.banking-online-org.pfeilerfamily.com/
https://banking-online.org/

43 KB
11 KB

187ms
121ms

Document
text/html

2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006dad84a8366b9ca5cff7c4257c61886a271fdfde668e117ea68e5adbd75f9e

Request headers

:method: GET
:authority: banking-online.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-type: text/html; charset=utf-8
cache-provider: CLOUDWAYS-CACHE-DE
last-modified: Wed, 06 Oct 2021 15:32:12 GMT
vary: Accept-Encoding
age: 1894
x-cache: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lhl4zrhNkm7PHTeaSwSQ7fj1RADP%2FUVQNzogW3fitVW7UWWtu2mOtrDfN6URI28myOxABVWUua31Qk%2F9XqogCW2INbsSz%2BPyaUbWH1dBm233pSbVIJwyOVNZdMHSPJmNH%2By0TjwAc7emw0EkidK96c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69a2eb5a0b204aaa-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 07 Oct 2021 00:12:41 GMT
server: nginx/1.19.10
content-type: text/html; charset=UTF-8
content-length: 0
x-redirect-by: WordPress
location: https://banking-online.org/
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: false

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 57ms
34ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145745368-42

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

746012d40742c0ae57df65ce9ac9cdf6b3924430fda9c21a351d5e277b56121d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39149
x-xss-protection: 0
expires: Thu, 07 Oct 2021 00:12:42 GMT

GET
H2 200 style.css
banking-online.org/wp-content/themes/foodiepro/ 29 KB
7 KB 118ms
115ms Stylesheet
text/css 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/themes/foodiepro/style.css?ver=3.1.4
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34f14940b60b0b9a84157eea806966492a740012ca1083849a01a1d871a8cc8

Request headers

:path: /wp-content/themes/foodiepro/style.css?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=41572
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:04:51 GMT
server: cloudflare
etag: W/"61322b83-a264"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLA789JoRcBIZJgw3UsAFLIeu4gTBRPyH0d%2BD5hcNANx2l3HGo7LUpWRbicr8fAF%2FjO9YaBSSePW2EckqtJx%2BfZnA9rOwLmhXFWFuJHMDZfWZUE1DbHYkCNZbAboiXelG%2FaBqobUWpyG%2BtFljwcSvA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 69a2eb5b1c1e4aaa-FRA
expires: Sun, 31 Oct 2021 13:31:38 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/ 79 KB
10 KB 31ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 11 KB
2 KB 31ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 4 KB
1 KB 31ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 wpautoterms.css
banking-online.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 433 B
498 B 116ms
109ms Stylesheet
text/css 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.8.1
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 730abe6d94c4b765efabab2bb666a09a54a40f41a95b32965931806a7b4992cc

Request headers

:path: /wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=547
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:06:16 GMT
server: cloudflare
etag: W/"61322bd8-223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Wa7P3L18xJ807vONGeVVLByGc%2BI%2FVnTpjlIJvHNVii%2B%2Fr5xWgSojFPoeqGHGdLA9rRhuZ56JM7d066hCyrwU4EcenizhR3Htpp9ITDyxW8cZ49wWWstjw13PDvutErymzT2FeOamt1lot1Ado7GbzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c264aaa-FRA
expires: Mon, 01 Nov 2021 20:44:52 GMT

GET
H2 200 styles.css
banking-online.org/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 114ms
108ms Stylesheet
text/css 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2640
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:07:39 GMT
server: cloudflare
etag: W/"61322c2b-a50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2Fd5q4G1fbNyNvMcVloEw1h9Su9AaZ3bfK5xazJKlfZ3aXyDRqWEEmOdgaCDQ5zFnqDWIWcWhZAbeFSoOc6VO6hXoEIXTjFvseM%2BSe1ej%2BpQ7hIEqc0xol2tHwE%2FS4eQwXtX4eZWOFGpJ%2BRmoHRPoCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c274aaa-FRA
expires: Mon, 01 Nov 2021 20:44:49 GMT

GET
H2 200 style.min.css
banking-online.org/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 438 B
574 B 138ms
132ms Stylesheet
text/css 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Request headers

:path: /wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Sep 2021 14:07:21 GMT
server: cloudflare
etag: W/"61322c19-1b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvEDXDIYlYTim5iAQ1NhTjUin3lnsDV0QyDFsKv8N0JaFOqsoqRpGjuei9%2F%2FhWcIBBrheZxze%2BNQdhX157YBAPGg%2FxGuOr%2FLvGPb6E%2Fb2YsdzmmUy%2BYm%2Fu3Iz9IzXT7KPtjUxBtSwUQnrJ0TpIhHla8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69a2eb5b2c294aaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 02 Nov 2021 23:32:00 GMT

GET
H2 200 screen.min.css
banking-online.org/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 119ms
113ms Stylesheet
text/css 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc

Request headers

:path: /wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Sep 2021 14:03:44 GMT
server: cloudflare
etag: W/"61322b40-13ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Iygd0EXHT7D3LzyOxbY%2FjiRtCxiFRTWg%2FpUTyOKJtlaspXIpoU6VdNpqm%2B6P4jESLYXTF6DF8Wij8sFso1hLPaZdL9kHEiv5HvYRRMrd0DNHDjonFlzYmPUomxma0LFh9mzLLggoFaymjfjjyHTMdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69a2eb5b2c2a4aaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 02 Nov 2021 23:32:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 43ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3Aregular%2Citalic%2C700%2C700italic%7CKarla%3Aregular%2Citalic%2C700%2C700italic%26subset%3Dlatin%2C&ver=3.1.4

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

784d1fcb4a6ffa1cc063f76e0ee6a3b8fbf881d98abc228d8571dc5a742f41a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:12:42 GMT
server: ESF
date: Thu, 07 Oct 2021 00:12:42 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 07 Oct 2021 00:12:42 GMT

GET
H2 200 front.css
banking-online.org/wp-content/plugins/related-posts-thumbnails/assets/css/ 3 KB
1 KB 114ms
108ms Stylesheet
text/css 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/related-posts-thumbnails/assets/css/front.css?ver=1.9.0
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad0f5f804486fcc496d15f565557b4a66d28e0e2bac0cd947a5277d07cfe20fe

Request headers

:path: /wp-content/plugins/related-posts-thumbnails/assets/css/front.css?ver=1.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4082
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:04:29 GMT
server: cloudflare
etag: W/"61322b6d-ff2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwyF%2BEv%2FzrhhxlTyYwNE6Tr%2FH5qzZNS9Ir7%2BQ5huvLMJmxrl5U2fPmlrjE%2FFyvdq6DDkfAuRk6ErHUO%2BiLg5J6k7yRonUl9O5fDOW6j2ZrsHwxvqd0GU2%2FVDtFKKntRK46SDbtAhF%2BS4ivvKti5ZnNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c2b4aaa-FRA
expires: Mon, 01 Nov 2021 20:44:49 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/10.2/_inc/social-logos/ 12 KB
8 KB 31ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.2/_inc/social-logos/social-logos.min.css

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.2/css/ 85 KB
16 KB 31ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.2/css/jetpack.css

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Tue, 28 Sep 2021 19:34:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 87 KB
30 KB 31ms
8ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 11 KB
4 KB 31ms
9ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/ 6 KB
2 KB 35ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 00:06:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/ 16 KB
6 KB 35ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 23:18:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 dom-ready.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/dist/ 1 KB
607 B 31ms
9ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/dist/dom-ready.min.js

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 base.js Show response
banking-online.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 463 B
609 B 113ms
108ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.8
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e166f1546b833be09f8764a8856e12d29eccb1a6c59a5316da40f0c53e5cb865

Request headers

:path: /wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=720
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:06:12 GMT
server: cloudflare
etag: W/"61322bd4-2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GO3AcZK1gb5ygctSPoc2Ub55qn%2BQCvVXJTygSP0j9vQhZK30S3PkjKIDOa7ZE1%2BVIB6boXcoBKlZDfeJdd3xKMVmDtICrmREoxd67b%2Bhj3GgcnoOlxvnZoUunXTus7wccpRUVuSjheW5rFRZZWThaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c344aaa-FRA
expires: Mon, 01 Nov 2021 04:28:07 GMT

GET
H2 200 frontend-gtag.min.js Show response
banking-online.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
3 KB 137ms
132ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.1.0
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e

Request headers

:path: /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 15:05:08 GMT
server: cloudflare
etag: W/"6155d224-2e81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Gujdm9HGFgMQUlmH%2Bb6v6wZ%2B%2BTL2OqLHmcDU6trDMPdZGc14zrwEgsMohdXfdFC0pgX2nSXrWWFz2yAVua0rNWRs4oK4EjhTr6waveVIc1jg7x7kJ26PvhRMHxeXn32%2B5p%2BrPDdy7LMzitFFon6TWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69a2eb5b2c354aaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 02 Nov 2021 23:32:00 GMT

GET
H2 200 medianetAdInjector.js Show response
banking-online.org/wp-content/plugins/media-net-ads-manager/js/ 486 B
595 B 115ms
110ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c3413a3d6060b291b7ee51b22fd99d7467cce66bb78b0907bd61f2e24e9f1f

Request headers

:path: /wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=562
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:06:44 GMT
server: cloudflare
etag: W/"61322bf4-232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnfKgx3DheoawMw5XOkUUZGLWaXBYby9Ao4VSuH%2FPnUSKsU3UXl6WxS4GLnje%2BzoreyDPEQkevhZ%2FVidvItXekkvWjxuGW64rcbfFzI7l1iQWaTp%2Bi2cNUFNpUl98hg6EGB8ZRrhUPzDWep5FjpiKMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c364aaa-FRA
expires: Tue, 02 Nov 2021 23:32:00 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 156 KB
53 KB 408ms
386ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU79EY8X

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

651f090930773bef7aa84ec2b3e5d352be534dba4064fb8e9a9e324548cfa1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-mnt-h: 8-20
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "db4a027e3c15cd793e013e5c728d081b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Thu, 07 Oct 2021 00:12:42 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-33
expires: Thu, 07 Oct 2021 00:17:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 53ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737634509213731

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe2eee8c41bb1a6aa7f13d688c54ba1d91a229a7d92745304c9508fe45995480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banking-online.org/
Origin: https://banking-online.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51342
x-xss-protection: 0
server: cafe
etag: 1626902187224284914
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 00:12:42 GMT

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 25 KB
8 KB 442ms
403ms Script
application/javascript 52.222.213.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=2292b96f-3e91-4010-8410-647f3f7299c9
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.213.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-213-35.fra56.r.cloudfront.net
Software: Server /
Resource Hash: f36d6493c65c523b53e379e34c14b7c9462f2bb5f3071ab783779b8f5b293365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: Public
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
content-length: 8161
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-id: 4FM-tbW6vn2bzSfgzxkXnBMf0_nUSGCcQUIy_XkwDeZWauMeVbTvYQ==
expires: Thu, 07 Oct 2021 00:17:42 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/10.2/_inc/build/photon/ 758 B
425 B 35ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.2/_inc/build/photon/photon.min.js

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 index.js Show response
banking-online.org/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 127ms
122ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:05:09 GMT
server: cloudflare
etag: W/"61322b95-32bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63unQ7UQ%2BwVtE%2BUXbriZbvyOfEtcB2l3Y5uAbhFqqgsAHoztn9v34UtFDWVyLjOXVW1fG%2BfsgYZPruPafHeFqODiOeMvoHeq0BMkKoBCkTWVv3yU18FeV2WoFuMxOTGTxepF8u6kaa2AgbdOryk2%2F8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c374aaa-FRA
expires: Sun, 31 Oct 2021 13:31:26 GMT

GET
H2 200 skip-links.min.js Show response
banking-online.org/wp-content/themes/genesis/lib/js/ 386 B
582 B 114ms
110ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.5
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

:path: /wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Sep 2021 14:08:24 GMT
server: cloudflare
etag: W/"61322c58-182"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV8gDaoYzgYM1xsdpReoOHoeqcvcUEkFpxerbkLRAAwDf9Wah7MHHManm9yt6bsrPa0GCqVLOGJFLBBp4jEw6MnmZZQqm%2Fex5h5YKyrDgU5rDl10G0VrfslRkie6ar%2BByWlif%2F50ZUmSED2RZvSVNZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69a2eb5b2c384aaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 02 Nov 2021 23:32:00 GMT

GET
H2 200 general.js Show response
banking-online.org/wp-content/themes/foodiepro/js/ 3 KB
2 KB 113ms
109ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/themes/foodiepro/js/general.js?ver=3.1.4
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fecad4f6f5620d50ccd5366d353739424a3174bf0e912df50a570941534088e

Request headers

:path: /wp-content/themes/foodiepro/js/general.js?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4984
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:04:06 GMT
server: cloudflare
etag: W/"61322b56-1378"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeQtut7ryHMfCbE9OUvvYjNvorki%2B%2FqZeZWrmj7jcOlLjwXxqpR5HOuH%2FhTfXg%2F%2BEDGQHdURzE%2F4onlbeUZpzd1ubbl2aKlCsJOC4cTdDKY7xwx58W3xLIkFaxGx68%2BHZyo%2BqScemDDG4r1Ej698dAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c394aaa-FRA
expires: Mon, 01 Nov 2021 20:44:52 GMT

GET
H2 200 intersection-observer.js Show response
banking-online.org/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 117ms
113ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550bee253a00a7e6089b3aa136a1f21d904592e93ee0740f08d4d36e4b1dcbe5

Request headers

:path: /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 03:14:48 GMT
server: cloudflare
etag: W/"61382aa8-2390"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuNMCt3lXpiAk45tsttoBP9wg%2BG%2FTIg%2B83FXEJ%2Bl%2FbpxgXPvd4twYhnVm%2BH504a0a8kZMdScoDFw6g%2BMZDFMckdbgieIHYYOFc%2FKpE2O9A1tCjnltmo56bD%2BP%2FWQzsDoF%2F2uJUPBNLI%2FjLEU2ZE3kmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c3a4aaa-FRA
expires: Mon, 01 Nov 2021 20:44:50 GMT

GET
H2 200 lazy-images.js Show response
banking-online.org/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 2 KB
2 KB 131ms
127ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

:path: /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 03:14:48 GMT
server: cloudflare
etag: W/"61382aa8-98f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH%2BY%2BNFaKvcNATlWV6m4HTL4mTDzZjmy4bX08Wg0XqpbsYGu7z5qNNWeSbvgflW2X5Qnei2VAH%2BagzFEOkAtZLDS%2FJyGpmCp5gUPupPFW97Fc2SlEcwcHyw2XN5X6EoFhxoxwC9w7FfHVvHE%2BbpvvS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c3b4aaa-FRA
expires: Mon, 01 Nov 2021 20:44:50 GMT

GET
H2 400 api.js
www.google.com/recaptcha/ 0
0 53ms
22ms Script
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/recaptcha/api.js?render=6Lfh2JEUAAAAAE4W0U1J-bhEoLehMXHgqyHmltgr&ver=3.0
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 index.js Show response
banking-online.org/wp-content/plugins/contact-form-7/modules/recaptcha/ 2 KB
1 KB 114ms
111ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccdcf774bd0fc2383fb9d2b780148d17b2ceb3dbc355db13cc17edfdc1f511f3

Request headers

:path: /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 14:04:09 GMT
server: cloudflare
etag: W/"61322b59-739"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZHI4vPXnU5WJBBVd4kJnYcsTe1KEntotwQIYkavptdLAcZG8JWyszBU7LPdIEKpNtKw1KcMRat5fDWsle3WpkHO6ysSi3MmJhN0C8CM%2BT4sG%2FP3T1XNfPAVusiv4YZW0%2B%2Be4zN%2FfNQL6vqHrLdKI%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 69a2eb5b2c3c4aaa-FRA
expires: Mon, 01 Nov 2021 20:44:50 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 1 KB
719 B 32ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:12:42 GMT

GET
H2 200 e-202140.js Show response
stats.wp.com/ 9 KB
3 KB 23ms
9ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202140.js
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Wed, 21 Sep 2022 02:00:41 GMT

GET
H2 200 wp-emoji-release.min.js Show response
banking-online.org/wp-includes/js/ 18 KB
5 KB 113ms
112ms Script
application/javascript 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banking-online.org/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Sep 2021 14:07:00 GMT
server: cloudflare
etag: W/"61322c04-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0V4O1CTdrPSy4W4wi2VZAhLukOTgVHtl0DtBQjOVJvbD7M5awnSHMuUkLxidHpAvzCol2z0Ey9WgUizqa1jqGVXL5%2BPXl%2BJUqKOKpjF%2FTm1o989mJDCHntm3Kl%2FCGdH7ZyXN7YkZDbHbcAkLjbXxEG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69a2eb5c1cfd4aaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 02 Nov 2021 23:32:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145745368-42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5145
date: Wed, 06 Oct 2021 22:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 07 Oct 2021 00:46:57 GMT

GET
H2 200 cropped-bankingonline.....jpg
banking-online.org/wp-content/uploads/2018/06/ 16 KB
16 KB 115ms
114ms Image
image/jpeg 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banking-online.org/wp-content/uploads/2018/06/cropped-bankingonline.....jpg
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4805d7c06f8a6ce8b2345d34c5296213864e8d0a46f39589cfe72c7c54ceaf4b

Request headers

:path: /wp-content/uploads/2018/06/cropped-bankingonline.....jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: banking-online.org
referer: https://banking-online.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16376
last-modified: Fri, 03 Sep 2021 14:05:06 GMT
server: cloudflare
etag: "61322b92-3ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG%2BpenwlQ6UIwPDHvlEN3AmyUZDFSRWMwHXdwi2ZOh%2Fkf07IDkxHx3MCcRcROAd0a53tSK6qbdQFaptBdFFnb1K8aJ%2BLXi3ezaWIgjKQEiUMbeFXg13ADoU2eQ7RqTxVifxf12e0%2BpbCm%2BnaCeQDuzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69a2eb5c1d024aaa-FRA
expires: Sat, 06 Nov 2021 00:12:42 GMT

GET
H2 200 search.svg
banking-online.org/wp-content/themes/foodiepro/images/ 2 KB
1 KB 105ms
105ms Image
image/svg+xml 2606:4700:3033::6815:375c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banking-online.org/wp-content/themes/foodiepro/images/search.svg
Requested by: Host: banking-online.org
URL: https://banking-online.org/wp-content/themes/foodiepro/style.css?ver=3.1.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:375c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1997dab216a1ae3a6865fed352a6e580a0b7d87963556fed51daed631f6dcdf

Request headers

:path: /wp-content/themes/foodiepro/images/search.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: banking-online.org
referer: https://banking-online.org/wp-content/themes/foodiepro/style.css?ver=3.1.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/wp-content/themes/foodiepro/style.css?ver=3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Sep 2021 14:05:50 GMT
server: cloudflare
etag: W/"61322bbe-61c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puPA3eC5yhZFLFpwVn2TFn%2BjdP6uW8Mg%2B4WH7ovsYLTOuGgGYIQ980ydwKjdmvH8eg4ejtmJ3QUEsJ%2BkZdss1L%2Fr1%2B8gosYtm15cHBEdYmvU%2BG%2Bd6fYViCjSj2DxcY83lMhQ%2BzVN%2FuW5OgLXE2kFZEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69a2eb5c1d044aaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 04 Nov 2021 19:56:54 GMT

GET
H2 200 qkBbXvYC6trAT7RVLtw.woff2
fonts.gstatic.com/s/karla/v15/ 29 KB
29 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v15/qkBbXvYC6trAT7RVLtw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3Aregular%2Citalic%2C700%2C700italic%7CKarla%3Aregular%2Citalic%2C700%2C700italic%26subset%3Dlatin%2C&ver=3.1.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banking-online.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 17:57:28 GMT
x-content-type-options: nosniff
age: 108914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29268
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:11:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Oct 2022 17:57:28 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 32 KB
32 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banking-online.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 17:58:59 GMT
x-content-type-options: nosniff
age: 281623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:03 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 17:58:59 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 index.html Show response
cdn.plus500.com/Media/Banners/300x250/58366/ Frame 35E4 3 KB
2 KB 246ms
73ms Document
text/html 192.229.220.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.plus500.com/Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.220.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a4a7534e35585d0c8411f5010b54057222e1842d0b09e4091c71f6aa31b29b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: cdn.plus500.com
:scheme: https
:path: /Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public,max-age=25920000
content-type: text/html
date: Thu, 07 Oct 2021 00:12:42 GMT
last-modified: Fri, 28 Feb 2020 08:28:23 GMT
server: Microsoft-IIS/8.5
set-cookie: IP=!ThG0YDZC5hes/PVn4D3iqehLthhkpxXHFFepNVH+ZtjHuamy94oFfv8UhY5Jtg3lRjOciKmv6ovCMfW8CUgfMYk8yFgQWzBM8ADk+vunMop8s2JJpQdyAra58YpTzGReM7JylD5C/7gfKa9as8ztgbCjNVvO9GM=; path=/; Httponly; Secure; SameSite=none
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 1803

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v12/ 29 KB
29 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banking-online.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 07:06:58 GMT
x-content-type-options: nosniff
age: 320744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29400
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 07:06:58 GMT

GET
H2 400 api.js
www.google.com/recaptcha/ 0
0 17ms
16ms Script
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/recaptcha/api.js?render=6Lfh2JEUAAAAAE4W0U1J-bhEoLehMXHgqyHmltgr&ver=3.0
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 23:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 07 Oct 2021 00:50:01 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 272 KB
98 KB 55ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2737634509213731&plah=banking-online.org&bust=31063054

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737634509213731

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1c7b1839bca24d14a0c3cae0112d5669aa53590fb98194375f809a303f1835a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99722
x-xss-protection: 0
server: cafe
etag: 279179070185807424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 00:12:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/ Frame 8122 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737634509213731

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211004/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 06 Oct 2021 15:14:38 GMT
expires: Wed, 20 Oct 2021 15:14:38 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
age: 32284
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 6ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.2&blog=188281932&post=11&tz=0&srv=banking-online.org&host=banking-online.org&ref=&fcp=1912&rand=0.29068298653997315
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 onlinebanking.jpg
i1.wp.com/banking-online.org/wp-content/uploads/2018/06/ 225 KB
226 KB 751ms
729ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/banking-online.org/wp-content/uploads/2018/06/onlinebanking.jpg?resize=680%2C450&ssl=1

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

27e105c2674cdc1956e12d2f9658a4e4fcec7970d834b04ac715501083a55ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Thu, 07 Oct 2021 00:12:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Oct 2021 00:12:43 GMT
server: nginx
etag: "6b0827180b37b682"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://banking-online.org/wp-content/uploads/2018/06/onlinebanking.jpg>; rel="canonical"
content-length: 230652
expires: Sat, 07 Oct 2023 12:12:43 GMT

GET
H2

200

51eUGFXvAjL._SL250_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B085RPXFC7&Format=_SL250_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=lealuk-20&language=en_US
https://m.media-amazon.com/images/I/51eUGFXvAjL._SL250_.jpg

12 KB
13 KB

136ms
100ms

Image
image/jpeg

2600:9000:2251:7a00:1d:d7f6:39cf:a761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51eUGFXvAjL._SL250_.jpg
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7a00:1d:d7f6:39cf:a761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0c5d55a9962556d91d91def07a8548505c2d05c58afc1be9e8625540b7fa3ad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 20:46:51 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
age: 98752
edge-cache-tag: x-cache-486,/images/I/51eUGFXvAjL
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 12236
surrogate-key: x-cache-486 /images/I/51eUGFXvAjL
last-modified: Mon, 16 Mar 2020 15:50:10 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 79a84df4-e80e-4327-a651-ea420fc3d4aa
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: eMGvM2wBUkE6mh8Q6YUUafG5wGJzrMdqGxh3m5HNlSUZnISXjDOVOg==
expires: Mon, 30 Sep 2041 20:46:51 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51eUGFXvAjL._SL250_.jpg
Date: Thu, 07 Oct 2021 00:12:43 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET
H/1.1 200 ir
ir-na.amazon-adsystem.com/e/ 42 B
159 B 576ms
96ms Image
image/gif 52.94.240.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-na.amazon-adsystem.com/e/ir?t=lealuk-20&language=en_US&l=li3&o=1&a=B085RPXFC7
Requested by: Host: banking-online.org
URL: https://banking-online.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.240.125 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 35E4 236 KB
63 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: cdn.plus500.com
URL: https://cdn.plus500.com/Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.plus500.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Oct 2021 00:12:42 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 35E4 84 KB
30 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.plus500.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 05 Oct 2022 13:18:29 GMT

GET
H2 200 index.js Show response
cdn.plus500.com/Media/Banners/300x250/58366/ Frame 35E4 35 KB
12 KB 98ms
97ms Script
application/javascript 192.229.220.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.plus500.com/Media/Banners/300x250/58366/index.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.220.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

10c5a2e0f1b3e702acc3c41e4e5ffe9b0a2a3825bd003e1f8c30ba4aa13028ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.plus500.com/Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
last-modified: Fri, 28 Feb 2020 08:28:23 GMT
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=25920000
strict-transport-security: max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831

GET
H2 200 rwTypeUrl.js Show response
cdn.plus500.com/media/banners/rw-data/ Frame 35E4 2 KB
1 KB 11ms
11ms Script
application/javascript 192.229.220.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.plus500.com/media/banners/rw-data/rwTypeUrl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.220.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F24) /

Resource Hash

e2f39bf6fb44848ec9460b0138d8f11825d8c9f6408743580ff3f8c9bc85452c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.plus500.com/Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
last-modified: Sun, 15 Dec 2019 10:38:33 GMT
server: ECAcc (frc/8F24)
age: 4472356
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=25920000
strict-transport-security: max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 938

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 14ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=201766778&t=pageview&_s=1&dl=https%3A%2F%2Fbanking-online.org%2F&ul=en-us&de=UTF-8&dt=Banking%20Online%20-%20%231%20Online%20Banking%20Directory%20Resource&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=566903543&gjid=883532244&cid=658770239.1633565562&tid=UA-145745368-42&_gid=395317543.1633565562&_r=1&gtm=2oua40&did=dZGIzZG&z=1355722133

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://banking-online.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 00:12:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://banking-online.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
661 B 45ms
23ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=banking-online.org&callback=_gfp_s_&client=ca-pub-2737634509213731

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2737634509213731&plah=banking-online.org&bust=31063054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f72a3423b25e0c23c53c68d48ffd690b5d9c1305db8ba1f506bf9290c81a5ceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 42ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banking-online.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 58ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banking-online.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C06 13 KB
5 KB 152ms
151ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737634509213731&output=html&adk=1812271804&adf=3025194257&lmt=1633534332&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbanking-online.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562469&bpp=3&bdt=418&idt=137&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8729568983009&frm=20&pv=2&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dbb7d57ad90ed4fec81eb3e9d92f1c2086e17eb9c013e9d0f931bc799ab3fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2737634509213731&output=html&adk=1812271804&adf=3025194257&lmt=1633534332&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbanking-online.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562469&bpp=3&bdt=418&idt=137&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8729568983009&frm=20&pv=2&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 00:12:42 GMT
server: cafe
content-length: 4911
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 00:27:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 00:12:42 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7498 436 B
414 B 118ms
116ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737634509213731&output=html&h=600&slotname=7796291165&adk=2089844442&adf=1381131413&pi=t.ma~as.7796291165&w=300&fwrn=4&fwrnh=100&lmt=1633534332&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fbanking-online.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562472&bpp=3&bdt=422&idt=165&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8729568983009&frm=20&pv=1&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1048&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BcOT2ZKxbG&p=https%3A//banking-online.org&dtd=171

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c6a64316a2fe21dd8889723943eb0e5939c1c437bc1b23fedc7eb48f064044f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2737634509213731&output=html&h=600&slotname=7796291165&adk=2089844442&adf=1381131413&pi=t.ma~as.7796291165&w=300&fwrn=4&fwrnh=100&lmt=1633534332&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fbanking-online.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562472&bpp=3&bdt=422&idt=165&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8729568983009&frm=20&pv=1&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1048&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BcOT2ZKxbG&p=https%3A//banking-online.org&dtd=171
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 00:12:42 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 00:27:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 00:12:42 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85C1 436 B
379 B 160ms
160ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737634509213731&output=html&h=600&slotname=7796291165&adk=1146522665&adf=3903202538&pi=t.ma~as.7796291165&w=160&fwrn=4&fwrnh=100&lmt=1633534332&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fbanking-online.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562475&bpp=1&bdt=424&idt=196&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8729568983009&frm=20&pv=1&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=252&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NzXx2rZj3E&p=https%3A//banking-online.org&dtd=199

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd769df446ee08153224d9e133caffe94616775e020e7a347d78507f05e227d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2737634509213731&output=html&h=600&slotname=7796291165&adk=1146522665&adf=3903202538&pi=t.ma~as.7796291165&w=160&fwrn=4&fwrnh=100&lmt=1633534332&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fbanking-online.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633565562475&bpp=1&bdt=424&idt=196&shv=r20211004&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8729568983009&frm=20&pv=1&ga_vid=658770239.1633565562&ga_sid=1633565563&ga_hid=201766778&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=252&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C31062369%2C31062944%2C31063054&oid=2&pvsid=2285341876046979&pem=909&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NzXx2rZj3E&p=https%3A//banking-online.org&dtd=199
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 00:12:42 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 00:27:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 00:12:42 GMT
cache-control: private

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 85 KB
27 KB 830ms
830ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU79EY8X&cpcd=X9VKfid97qI2NuqMZXTO8w%3D%3D&crid=886131764&size=728x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fbanking-online.org%2F&nse=5&vi=1633565562155170617&lw=1&ugd=4&nb=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU79EY8X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

612da8c760340e3b65a7b3edef49c3fef14a2f777bb6d7c4a9f834c91988836f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-33
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
date: Thu, 07 Oct 2021 00:12:43 GMT
x-mnt-w: 8-11, 8-12
content-length: 26876
expires: Thu, 07 Oct 2021 00:12:43 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame A464 15 KB
6 KB 195ms
194ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

de5fe188e71bdfdd36c839780811232c8fea75884827b4d9750f622434792ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 10 Apr 2022 00:12:42 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 09 Oct 2021 00:12:42 GMT
date: Thu, 07 Oct 2021 00:12:42 GMT
content-length: 5706

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 77 KB
25 KB 764ms
764ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU79EY8X&cpcd=X9VKfid97qI2NuqMZXTO8w%3D%3D&crid=590555341&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fbanking-online.org%2F&nse=5&vi=1633565562166057757&lw=1&ugd=4&nb=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU79EY8X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

38ace0cd0513da323d7bc2f82cb1d385349a1d98c800a1030f9777423f2e7eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-33
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
date: Thu, 07 Oct 2021 00:12:43 GMT
x-mnt-w: 21-xj40, 21-rbtx
content-length: 24863
expires: Thu, 07 Oct 2021 00:12:43 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 3B63 15 KB
6 KB 132ms
132ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f336d9014c66c4b997c5126f01a660cc8581e5d0967f0046030e4d0f27a92167

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 10 Apr 2022 00:12:42 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 09 Oct 2021 00:12:42 GMT
date: Thu, 07 Oct 2021 00:12:42 GMT
content-length: 5705

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 77 KB
25 KB 704ms
704ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU79EY8X&cpcd=X9VKfid97qI2NuqMZXTO8w%3D%3D&crid=743762441&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fbanking-online.org%2F&nse=5&vi=1633565562503839865&lw=1&ugd=4&nb=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU79EY8X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f93558b9bde0f4aa241bee69742edd441428a61ce2fc0374b9e193385e3e4244

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-33
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
date: Thu, 07 Oct 2021 00:12:43 GMT
x-mnt-w: 21-tpn3, 21-2v87
content-length: 24913
expires: Thu, 07 Oct 2021 00:12:43 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame F310 15 KB
6 KB 182ms
181ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a1a6b37bc624e6d90f674ed0a6ecaa4b12dfc3ec045a210b31368242ed88fb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU79EY8X&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 10 Apr 2022 00:12:42 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 09 Oct 2021 00:12:42 GMT
date: Thu, 07 Oct 2021 00:12:42 GMT
content-length: 5704

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 47ms
38ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU79EY8X&crid=886131764&vi=1633565562155170617&ugd=4&lf=6&cc=DE&sc=SN&wsip=2886994110&r=1633565562697&requrl=https%3A%2F%2Fbanking-online.org%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=24940&vgd_rakh=1633565562106442522&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p11327773352t202110070012&vgd_pgids=1&vgd_uspa=0&hvsid=00001633565562692022976773125032&gdpr=1&vgd_end=1

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 07 Oct 2021 00:12:42 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 07 Oct 2021 00:12:42 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 42ms
34ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU79EY8X&crid=590555341&vi=1633565562166057757&ugd=4&lf=6&cc=DE&sc=SN&wsip=2886994110&r=1633565562718&requrl=https%3A%2F%2Fbanking-online.org%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=24940&vgd_rakh=1633565562106442522&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p11327773352t202110070012&vgd_pgids=2&vgd_uspa=0&hvsid=00001633565562715022976773124283&gdpr=1&vgd_end=1

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 07 Oct 2021 00:12:42 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 07 Oct 2021 00:12:42 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 50ms
42ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU79EY8X&crid=743762441&vi=1633565562503839865&ugd=4&lf=6&cc=DE&sc=SN&lper=100&wsip=2886994110&r=1633565562731&requrl=https%3A%2F%2Fbanking-online.org%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=24940&vgd_rakh=1633565562106442522&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p11327773352t202110070012&vgd_pgids=2&vgd_uspa=0&hvsid=00001633565562729022976773128707&gdpr=1&vgd_end=1

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 07 Oct 2021 00:12:42 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 07 Oct 2021 00:12:42 GMT

GET
H3-Q050 200 index_atlas_.png
cdn.plus500.com/Media/Banners/300x250/58366/ Frame 35E4 324 KB
324 KB 71ms
71ms Image
image/png 192.229.220.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.plus500.com/Media/Banners/300x250/58366/index_atlas_.png?1582819145975

Requested by

Host: banking-online.org
URL: https://banking-online.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

192.229.220.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

d96d65a9d984b320e201d2183a8b6b2f9388fcb7b4e7650f4a9dc635c073da29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.plus500.com/Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
last-modified: Fri, 28 Feb 2020 08:28:23 GMT
server: Microsoft-IIS/8.5
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=25920000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332027

GET
H3-Q050 200 rw-data.json Show response
cdn.plus500.com/Media/Banners/rw-data/ Frame 35E4 11 KB
5 KB 11ms
11ms XHR
application/json 192.229.220.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.plus500.com/Media/Banners/rw-data/rw-data.json

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

192.229.220.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDF) /

Resource Hash

52e20838e0d78c9f1a98dcd49808654ab44ce8d6db62f23d408478cf7e5d98ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cdn.plus500.com/Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 08:39:23 GMT
server: ECAcc (frc/8FDF)
age: 43285
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=25920000
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5423

GET
H2 200 rwtype Show response
marketools.plus500.com/widgets/ Frame 35E4 155 B
564 B 83ms
29ms XHR
application/json 152.195.53.173
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://marketools.plus500.com/widgets/rwtype?referrerUrl=https%3A%2F%2Fbanking-online.org%2F&refLocationHref=https%3A%2F%2Fcdn.plus500.com%2FMedia%2FBanners%2F300x250%2F58366%2Findex.html%3Fset%3DCoronavirus-Banner%26language%3DEN%26country%3DGB%26url%3Dhttps%253A%252F%252Fwww.plus500.co.uk%252F%253Fid%253D125187%2526pl%253D2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.53.173 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

08da3bf55b76f116de30dddcdd651a967b54d40e5c3e84f9335a63f06f234d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cdn.plus500.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:42 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 155
x-xss-protection: 1; mode=block

GET
H2 200 nrrV72800.js Show response
contextual.media.net/4a/ Frame 3F46 91 KB
30 KB 20ms
19ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV72800.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU79EY8X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b4fa3f78fd5de15328ba71f880dc61f00fb0b26013deeb115cf2865347be1851

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "6886442ba24a2b87df682d7c632eab66"
vary: Accept-Encoding
x-mnet-h: 8-12
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 07 Oct 2021 00:12:43 GMT
content-length: 30050
expires: Thu, 21 Oct 2021 00:12:43 GMT

GET
DATA 200
OK truncated
/ Frame 3F46 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3F46 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3F46 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrrV72800.js Show response
contextual.media.net/4a/ Frame B469 91 KB
30 KB 18ms
18ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV72800.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU79EY8X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b4fa3f78fd5de15328ba71f880dc61f00fb0b26013deeb115cf2865347be1851

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "6886442ba24a2b87df682d7c632eab66"
vary: Accept-Encoding
x-mnet-h: 8-12
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 07 Oct 2021 00:12:43 GMT
content-length: 30050
expires: Thu, 21 Oct 2021 00:12:43 GMT

GET
DATA 200
OK truncated
/ Frame B469 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B469 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B469 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 3F46 15 B
216 B 9ms
8ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001633565562729022976773128707&geo=50.48|12.37&dlper=25&lper=100&fp=SKfR1Y5IvbH8Jd_c6pirY8lJ1y9PeSGFaTQ17iWGYXG-wUC32OmlHGSpc11MDOModjkXQBhz5r6E1XIoc9m5mXdeHSUXMH1s5yuni2K2nF_iVa3l3ctmMQY9jGPXHPWT&lpid=&tsid=1&q=&prv=&type=&ps=&cme=RwN3UoBfwxZwHT0c-SgtUpP9NIvouMcyaLNNVifWWUEbu1rwaU5M7fXeuCKoLWEjC01SRoF-qMtD26R1dQMJAotOj13nzDuFNp5MdieAs-6lJY6B6ie4ZwLAtWi9nvAEs6KyutDovhTZyOkBbLjM-RF78Gnx-2cCzuQtIVMbfd3rcuewV0vuJR9GuXIKhcKClYtTlsV8f08G-DdtwD3kNuUqOdjd2N5YjHBLP1uWjPM%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaG7EYvGBIbLomGWlf96pLd1C8AjcAUumzw%3D%7CN7fu2vKt8_s%3D%7C1lCohip8P4Lr-VtEpA5dVlKuxEfIOHIWWrDPExl2riy6EKGvmkGjtbzw1DLLjudnqHcYa7zFZKGCnMSECEMOt4_aGICMIFO7iFogns_VjkxxsZtEG-XH7p8E-Iu-fyBp0VHuNx-hbGljZhA7WPVT-4xvnUVzjb9tq2A9BoWuhgseLK-gkRQNAqVMDhIlMeYeLfABAYyeynkDwtkIM1AhLXJCKTJIhkCF%7C&hint=&td=&cc=DE&wsip=170721645&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=fuoyxQBuG&vgde_setid=Nfu&&rc=0&ksu=207&fdkt=267&kwd[]=Online%20Account%20Login&kwt[]=267&kbc[]=130820&kwp[]=1&kid[]=133422277&kbc2[]=ps%3D0.608%7C%7Crpc%3D0.07%7C%7Clvl%3D1.29&ktd[]=274894815488&kwd[]=Transfer%20Money%20to%20Bank%20Account&kwt[]=307&kbc[]=65381&kwp[]=2&kid[]=173095799&kbc2[]=0%7C%7Cactr%3D0.494%7C%7Cps%3D0.694%7C%7Crpc%3D0.16%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Make%20Online%20Payments&kwt[]=307&kbc[]=65381&kwp[]=3&kid[]=18279351&kbc2[]=0%7C%7Cactr%3D0.126%7C%7Cps%3D0.694%7C%7Crpc%3D0.10%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Pay%20Your%20Bill%20Online&kwt[]=307&kbc[]=67993&kwp[]=4&kid[]=21957038&kbc2[]=0%7C%7Cactr%3D0.352%7C%7Cps%3D0.694%7C%7Crpc%3D0.08%7C%7Clvl%3D1.98&ktd[]=3573446541568&kwd[]=Best%20Online%20Savings&kwt[]=307&kbc[]=250070&kwp[]=5&kid[]=3481171&kbc2[]=0%7C%7Cactr%3D0.037%7C%7Cps%3D0.694%7C%7Crpc%3D0.22%7C%7Clvl%3D1.00&ktd[]=3573446541568&rand=1633565563529&cid=8CU79EY8X&vwid=1633565562503839865&vi=1633565562503839865&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=SN&vgd_l1rakh=1633565562106442522&vgd_l1rhst=contextual.media.net&vgd_lhl=865&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1633565562729&upk=1633565563.2326&hvsid=00001633565562729022976773128707&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D24940&vgd_isiolc=1&npgv=1&pid=8POF3EBY6&katen=1&pc=100&vgd_pgid=p11327773352t202110070012&matm=1633565563537&vgd_ltime=811&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D24940&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=SN&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=170721631&vgd_nrrsf=nrr&vgd_nrrv=72800&vgd_nrrs=72800&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-743762441%7CDIV&vgd_x_pos=1048&vgd_y_pos=1029&vgd_ren_page_h=2762&vgd_cty=FALKENSTEIN&vgd_l1hcsd=A20%7C6618&vgd_sethcsd=A33%7C6640&vgd_cfud=210701&vgd_is_amp=0&vgd_icat=392&vgd_spcat=500538&vgd_optout=0&vgd_l2ch=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=2&requrl=https%3A%2F%2Fbanking-online.org&oRurl=http%3A%2F%2Fcdn3gor%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1633565562503839865%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D743762441%26vpf%3D000%26cid%3D8CU79EY8X%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D1%26cpcd%3DX9VKfid97qI2NuqMZXTO8w%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8POF3EBY6%26requrl%3Dhttps%253a%252f%252fbanking-online.org%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV72800.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 07 Oct 2021 00:12:43 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 07 Oct 2021 00:12:43 GMT

POST
H2 200 log
navvy.media.net/ Frame 3F46 35 B
207 B 173ms
149ms Ping
image/gif 34.102.149.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV72800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.149.102.34.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://banking-online.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 00:12:43 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 35
expires: Thu, 07 Oct 2021 00:12:43 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame B469 15 B
216 B 8ms
8ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001633565562715022976773124283&geo=50.48|12.37&dlper=25&lper=100&fp=SKfR1Y5IvbH8Jd_c6pirY8lJ1y9PeSGFaTQ17iWGYXG-wUC32OmlHGSpc11MDOModjkXQBhz5r6E1XIoc9m5mXdeHSUXMH1s5yuni2K2nF9yRcqU0avlfOccHfbrfo4l&lpid=&tsid=1&q=&prv=&type=&ps=&cme=6-s7NxuNzmsuwVb724pevv-EqoIVyGNH7aK97F_bNCV13hh-Ab66MZ4EUqtjuGIQ6KNuWIFF2JEaeyrKYhBGGs2wWkFMeNo698Mt6Pysh-x0iLblzHxc6byAxn_syUW7-Ot_r3kG6dHpkvIiOQbnjC8LOATl6mC9fL_WLYWcOZriiY984ZwCp-PyAC7WIv5LdaiccJ4wxdZ89tpbs3mEI6EDIK4rMfpA_y6oiHMov0Y%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaG7EYvGBIbLomGWlf96pLd1C8AjcAUumzw%3D%7CN7fu2vKt8_s%3D%7CMO9oxJ-87yrPW0fsPEnGtTA2nPoAn3hWdJl-Q3EBzzTWtpjYNGgproK08dijq8wT1b_L68HO-uHVMsrLi9hVWHAHMM-RF2D4L33vV5Hp5J7CR-yi28q57c0xR3PfMAqYypJFqZWu64pvmEl3xFevUQOE7AZ98vkuMmkwTJ7ulDKJWh1oJXEl0bijQjxzNEWlW1oZERlgEmPVW7bmSmIOeAj9pECIk0hG%7C&hint=&td=&cc=DE&wsip=170721399&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=fuoyxQBuG&vgde_setid=Nfu&&rc=0&ksu=207&fdkt=267&kwd[]=Online%20Account%20Login&kwt[]=267&kbc[]=130820&kwp[]=1&kid[]=133422277&kbc2[]=rps%3D0.36%7C%7Cps%3D0.608%7C%7Crpc%3D0.07%7C%7Clvl%3D1.29&ktd[]=274894815488&kwd[]=Transfer%20Money%20to%20Bank%20Account&kwt[]=307&kbc[]=65381&kwp[]=2&kid[]=173095799&kbc2[]=0%7C%7Cactr%3D0.494%7C%7Cps%3D0.694%7C%7Crpc%3D0.16%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Make%20Online%20Payments&kwt[]=307&kbc[]=65381&kwp[]=3&kid[]=18279351&kbc2[]=0%7C%7Cactr%3D0.126%7C%7Cps%3D0.694%7C%7Crpc%3D0.10%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Pay%20Your%20Bill%20Online&kwt[]=307&kbc[]=67993&kwp[]=4&kid[]=21957038&kbc2[]=0%7C%7Cactr%3D0.352%7C%7Cps%3D0.694%7C%7Crpc%3D0.08%7C%7Clvl%3D1.98&ktd[]=3573446541568&kwd[]=Best%20Online%20Savings&kwt[]=307&kbc[]=250070&kwp[]=5&kid[]=3481171&kbc2[]=0%7C%7Cactr%3D0.037%7C%7Cps%3D0.694%7C%7Crpc%3D0.22%7C%7Clvl%3D1.00&ktd[]=3573446541568&rand=1633565563551&cid=8CU79EY8X&vwid=1633565562166057757&vi=1633565562166057757&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=SN&vgd_l1rakh=1633565562106442522&vgd_l1rhst=contextual.media.net&vgd_lhl=865&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1633565562715&upk=1633565563.2326&hvsid=00001633565562715022976773124283&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D24940&vgd_isiolc=1&npgv=1&pid=8POF3EBY6&katen=1&pc=100&vgd_pgid=p11327773352t202110070012&matm=1633565563554&vgd_ltime=842&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D24940&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=SN&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=170721320&vgd_nrrsf=nrr&vgd_nrrv=72800&vgd_nrrs=72800&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-590555341%7CDIV&vgd_x_pos=588&vgd_y_pos=2132&vgd_ren_page_h=2762&vgd_cty=FALKENSTEIN&vgd_l1hcsd=A20%7C6618&vgd_sethcsd=A33%7C6640&vgd_cfud=210701&vgd_is_amp=0&vgd_icat=392&vgd_spcat=500538&vgd_optout=0&vgd_l2ch=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=2&requrl=https%3A%2F%2Fbanking-online.org&oRurl=http%3A%2F%2Fcdn3gor%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1633565562166057757%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D590555341%26vpf%3D000%26cid%3D8CU79EY8X%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D1%26cpcd%3DX9VKfid97qI2NuqMZXTO8w%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8POF3EBY6%26requrl%3Dhttps%253a%252f%252fbanking-online.org%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV72800.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 07 Oct 2021 00:12:43 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 07 Oct 2021 00:12:43 GMT

POST
H2 200 log
navvy.media.net/ Frame B469 35 B
97 B 164ms
155ms Ping
image/gif 34.102.149.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV72800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.149.102.34.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://banking-online.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 00:12:43 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 35
expires: Thu, 07 Oct 2021 00:12:43 GMT

GET
H2 200 nrrV72800.js Show response
contextual.media.net/4a/ Frame 338E 91 KB
30 KB 20ms
20ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV72800.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU79EY8X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b4fa3f78fd5de15328ba71f880dc61f00fb0b26013deeb115cf2865347be1851

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "6886442ba24a2b87df682d7c632eab66"
vary: Accept-Encoding
x-mnet-h: 8-12
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Thu, 07 Oct 2021 00:12:43 GMT
content-length: 30050
expires: Thu, 21 Oct 2021 00:12:43 GMT

GET blank
/ Frame 338E 0
0

GET
DATA 200
OK truncated
/ Frame 338E 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 338E 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 338E 15 B
216 B 8ms
8ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001633565562692022976773125032&geo=50.48|12.37&dlper=25&lper=100&fp=SKfR1Y5IvbH8Jd_c6pirY8lJ1y9PeSGFaTQ17iWGYXG-wUC32OmlHGSpc11MDOModjkXQBhz5r6E1XIoc9m5mXdeHSUXMH1s5yuni2K2nF9pTG9ttX6r0oiOn6ycF-SP&lpid=&tsid=4&q=&prv=&type=&ps=&cme=XOIwVz0FxdtYwa278zpw4Tgz7flc_kuxglx3jxQS8rYNkrwgnd1E5VB0x8rDDFTShvLwMPHRogq1WIHfXEzSdVtxGwNf1RYMf5vmYzMcAlRYZcGVmvllSUBcIUqGXXqVUJwMYOKFBF40VKUpHXpRyXF386stXiPyOUz2MSKTtSmjg_tzS-j3yrgh_2wD8q0pTQq0MXPF5LJbrdAVKWiBoWm9qt91Q5o3JDDvT0jC4i0%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaG7EYvGBIbLomGWlf96pLd1C8AjcAUumzw%3D%7CN7fu2vKt8_s%3D%7C8X_sA2xQ58ZoO4xPujNkCtRvPUPBsvi3id34UuOQTN7SoEXV6xlryahWG36IaDiMQYk_C1R8HUBcXsUdLPht-HmhJ5AwDS3Dyuqt2QubdnnwC20KNIjngB0_47PFD5YZ8Sp_W4n0R38Y9auIqqxwAWJnh7Z2A5GJCqb4BaqTa03yZuCPUqTsGoAmsenwjdmKAtj7UZxm9X-X0gCbcHDgGsO96bWOLoRY%7C&hint=&td=&cc=DE&wsip=2886781042&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=224&fdkt=267&kwd[]=Online%20Account%20Login&kwt[]=267&kbc[]=130820&kwp[]=1&kid[]=133422277&kbc2[]=rps%3D0.36%7C%7Cps%3D0.608%7C%7Crpc%3D0.07%7C%7Clvl%3D1.29&ktd[]=274894815488&kwd[]=Transfer%20Money%20to%20Bank%20Account&kwt[]=307&kbc[]=65381&kwp[]=2&kid[]=173095799&kbc2[]=0%7C%7Cactr%3D0.494%7C%7Cps%3D0.694%7C%7Crpc%3D0.16%7C%7Clvl%3D1.00&ktd[]=3573429764352&kwd[]=Make%20Online%20Payments&kwt[]=307&kbc[]=65381&kwp[]=3&kid[]=18279351&kbc2[]=0%7C%7Cactr%3D0.126%7C%7Cps%3D0.694%7C%7Crpc%3D0.10%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Pay%20Your%20Bill%20Online&kwt[]=307&kbc[]=67993&kwp[]=4&kid[]=21957038&kbc2[]=0%7C%7Cactr%3D0.352%7C%7Cps%3D0.694%7C%7Crpc%3D0.08%7C%7Clvl%3D1.98&ktd[]=3573446541568&kwd[]=Best%20Online%20Savings&kwt[]=307&kbc[]=250070&kwp[]=5&kid[]=3481171&kbc2[]=0%7C%7Cactr%3D0.037%7C%7Cps%3D0.694%7C%7Crpc%3D0.22%7C%7Clvl%3D1.00&ktd[]=3573446541568&kwd[]=Free%20Online%20Will%20Forms&kwt[]=307&kbc[]=110227&kwp[]=6&kid[]=321131771&kbc2[]=0%7C%7Cactr%3D0.049%7C%7Cps%3D0.694%7C%7Crpc%3D0.09%7C%7Clvl%3D1.00&ktd[]=3573429764352&rand=1633565563598&cid=8CU79EY8X&vwid=1633565562155170617&vi=1633565562155170617&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=SN&vgd_l1rakh=1633565562106442522&vgd_l1rhst=contextual.media.net&vgd_lhl=859&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1633565562692&upk=1633565563.2326&hvsid=00001633565562692022976773125032&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D24940&vgd_isiolc=1&pid=8POF3EBY6&katen=1&pc=100&vgd_pgid=p11327773352t202110070012&matm=1633565563605&vgd_ltime=922&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D24940&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=SN&vgd_l1ch=1&vgd_katbid=-2&vgd_kals=base%7C%7Cpc%3D100&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886781043&vgd_nrrsf=nrr&vgd_nrrv=72800&vgd_nrrs=72800&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-886131764%7CDIV&vgd_x_pos=488&vgd_y_pos=354&vgd_ren_page_h=2762&vgd_cty=FALKENSTEIN&vgd_l1hcsd=A20%7C6618&vgd_sethcsd=A33%7C6640&vgd_cfud=191218&vgd_is_amp=0&vgd_optout=0&vgd_l2ch=0&vgd_ect=4g&vgd_rensize=500_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&requrl=https%3A%2F%2Fbanking-online.org&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1633565562155170617%26lw%3D1%26esi%3D1%26size%3D728x90%26crid%3D886131764%26vpf%3D000%26cid%3D8CU79EY8X%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D1%26cpcd%3DX9VKfid97qI2NuqMZXTO8w%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8POF3EBY6%26requrl%3Dhttps%253a%252f%252fbanking-online.org%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A500%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A4&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV72800.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 07 Oct 2021 00:12:43 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 07 Oct 2021 00:12:43 GMT

POST
H2 200 log
navvy.media.net/ Frame 338E 35 B
97 B 158ms
157ms Ping
image/gif 34.102.149.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV72800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.149.102.34.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://banking-online.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 00:12:43 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 35
expires: Thu, 07 Oct 2021 00:12:43 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
26ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211004&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ecbe209ec2400f25603a7fe4f4bb5efbdd5e6793acdbcc033cebfa4c53a1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 00:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8591
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 07 Oct 2021 00:12:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FA57 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 06 Oct 2021 17:48:34 GMT
expires: Thu, 06 Oct 2022 17:48:34 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED4D 783 B
988 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

07cd1319d6f745ab56e419101b7289ee79d1159a0fa33b708bc0c8dfca0cacaa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AjdVAclnmL1KvmBLHpueqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://banking-online.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 07 Oct 2021 00:12:43 GMT
date: Thu, 07 Oct 2021 00:12:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AjdVAclnmL1KvmBLHpueqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js Show response
pagead2.googlesyndication.com/bg/ Frame FA57 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13343
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 06 Oct 2022 15:02:01 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED4D 0
0 86ms
86ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211004&jk=2285341876046979&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20211004&jk=2285341876046979&bg=!k5ClkNTNAAZE-GIIRPg7ACkAdvg8Wn_FghNjtETNwAsCAGTyqC21i_f4P3vNbEUgssjRPy7HnDKnrwIAAAB-UgAAAAxoAQeZAsZMa-Rg3tX0qZH6h5EWsZXfZRpZ6JmzpEtJD47GUOHSkvsa48ELmQPuvERV_tEXzpYNn97qHW4OmLiTHULKSw1_INg393aBWOUpSj9wbyEyGw5Em8YWo1ltJPJtzN06yFnVPcI17h8RzHEYWTZkYIp2IXp_hdz2JHsbpCKehqYDDiotFn6MN0jmdEcS-ygsmYj9Hm-lb3FIGJSyxAzvd9CbU8DldzB4YN_F0Ri6j0geoOHagejSfXy3AwUA8smW9cHhut9CrVlhj145irJmCnoXwb8eEtd0knmh5UpqdRfu-JiCfchbJmmLcBHgBtsBi5FATF-UBqKp5wNiY75z5wSzaXtVBwcFed6sRxoAa9OTJiA4JX6OboD9XeySE54qqwkN8uSkWjp7uWrW0A8OlwoZqpygMALOeJDqgbMQ1T_K2zYnEgeURgtqa4LyBC2NlwI2NschpPtaRI8fgE9s9QomnBxbFp987KY1_GifAPjsT7KDFAIHNeFSRT-6wTCGkAJMvneryElYxkrY90tVbpSFThrgW-aQl_lOZTrv_batBVendnqHZP6gJhr5qTaOx3ZtmB6RUQzeYL5qHruQoWEDlVt2I1f6jEZJ-dBgUkFI6EoRnnG7j5PZ6nCh50zdZEmFNyl2ZxyS8S9h_6PDAOhdr7Z9q2JovYbgPV4g54621r-MZG9Jnkny8uzRTVFsO9jwUV2TDOH1QLB9eJnTp1bpxD3sJDTr-vm0HRue_eKiiomsV6pctIYIEtQm0JLKoClM3IiYGWVwvT0SErVCS0wg4OHRj2IgsZVIqET7DbuaTWkCPIRm_KclsqmE_iWx_Q3V5iR-qq-GVsJkbihhAC5WOS4Xpp4Ue3ZRpnEXX4uSaAzg7UPnodGS76ABr5lpVHm5I_8FIbO2lzTUSgt9OSGM1nANm_aNlJ1DEy1Hau-ggMomWzxJag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 8ms
7ms Image
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8POF3EBY6&kals=base%7C%7Cpc%3D100&katen=1&pc=100&kata=at2&katbid=-2&kasts=tstype%3D-10401%7C%7Cgbid%3D-2&cme=RwN3UoBfwxZwHT0c-SgtUpP9NIvouMcyaLNNVifWWUEbu1rwaU5M7fXeuCKoLWEjC01SRoF-qMtD26R1dQMJAotOj13nzDuFNp5MdieAs-6lJY6B6ie4ZwLAtWi9nvAEs6KyutDovhTZyOkBbLjM-RF78Gnx-2cCzuQtIVMbfd3rcuewV0vuJR9GuXIKhcKClYtTlsV8f08G-DdtwD3kNuUqOdjd2N5YjHBLP1uWjPM=||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaG7EYvGBIbLomGWlf96pLd1C8AjcAUumzw=|N7fu2vKt8_s=|1lCohip8P4Lr-VtEpA5dVlKuxEfIOHIWWrDPExl2riy6EKGvmkGjtbzw1DLLjudnqHcYa7zFZKGCnMSECEMOt4_aGICMIFO7iFogns_VjkxxsZtEG-XH7p8E-Iu-fyBp0VHuNx-hbGljZhA7WPVT-4xvnUVzjb9tq2A9BoWuhgseLK-gkRQNAqVMDhIlMeYeLfABAYyeynkDwtkIM1AhLXJCKTJIhkCF|&gdpr=1&prid=8PRHGG6T9&cid=8CU79EY8X&crid=743762441&requrl=https%3A%2F%2Fbanking-online.org%2F&vi=1633565562503839865&ugd=4&cc=DE&sc=SN&startTime=1633565562728&l2type=setting&vgd_l1rakh=1633565562106442522&l1ch=1&sttm=1633565562729&upk=1633565563.2326&hvsid=00001633565562729022976773128707&verid=3121199&vgd_sc=SN&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!A20|6618&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&npgv=1&clp=%7B%7D&cl=%7B%7D&l2ch=0&l2wsip=170721631&sethcsd=set!A33%7C6640&vgd_pgid=p11327773352t202110070012&vgd_pgids=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 07 Oct 2021 00:12:44 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 07 Oct 2021 00:12:44 GMT

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 8ms
7ms Image
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8POF3EBY6&kals=base%7C%7Cpc%3D100&katen=1&pc=100&kata=at2&katbid=-2&kasts=tstype%3D-10401%7C%7Cgbid%3D-2&cme=XOIwVz0FxdtYwa278zpw4Tgz7flc_kuxglx3jxQS8rYNkrwgnd1E5VB0x8rDDFTShvLwMPHRogq1WIHfXEzSdVtxGwNf1RYMf5vmYzMcAlRYZcGVmvllSUBcIUqGXXqVUJwMYOKFBF40VKUpHXpRyXF386stXiPyOUz2MSKTtSmjg_tzS-j3yrgh_2wD8q0pTQq0MXPF5LJbrdAVKWiBoWm9qt91Q5o3JDDvT0jC4i0=||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaG7EYvGBIbLomGWlf96pLd1C8AjcAUumzw=|N7fu2vKt8_s=|8X_sA2xQ58ZoO4xPujNkCtRvPUPBsvi3id34UuOQTN7SoEXV6xlryahWG36IaDiMQYk_C1R8HUBcXsUdLPht-HmhJ5AwDS3Dyuqt2QubdnnwC20KNIjngB0_47PFD5YZ8Sp_W4n0R38Y9auIqqxwAWJnh7Z2A5GJCqb4BaqTa03yZuCPUqTsGoAmsenwjdmKAtj7UZxm9X-X0gCbcHDgGsO96bWOLoRY|&gdpr=1&prid=8PRHGG6T9&cid=8CU79EY8X&crid=886131764&requrl=https%3A%2F%2Fbanking-online.org%2F&vi=1633565562155170617&ugd=4&cc=DE&sc=SN&startTime=1633565562684&l2type=setting&vgd_l1rakh=1633565562106442522&l1ch=1&sttm=1633565562692&upk=1633565563.2326&hvsid=00001633565562692022976773125032&verid=3121199&vgd_sc=SN&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!A20|6618&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&cl=%7B%7D&l2ch=0&l2wsip=2886781043&sethcsd=set!A33%7C6640&vgd_pgid=p11327773352t202110070012&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banking-online.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 07 Oct 2021 00:12:44 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 07 Oct 2021 00:12:44 GMT

GET
H3-Q050 200 rw-data.json Show response
cdn.plus500.com/Media/Banners/rw-data/ Frame 35E4 11 KB
5 KB 7ms
7ms XHR
application/json 192.229.220.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.plus500.com/Media/Banners/rw-data/rw-data.json

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

192.229.220.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDF) /

Resource Hash

52e20838e0d78c9f1a98dcd49808654ab44ce8d6db62f23d408478cf7e5d98ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cdn.plus500.com/Media/Banners/300x250/58366/index.html?set=Coronavirus-Banner&language=EN&country=GB&url=https%3A%2F%2Fwww.plus500.co.uk%2F%3Fid%3D125187%26pl%3D2
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:48 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 08:39:23 GMT
server: ECAcc (frc/8FDF)
age: 43291
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=25920000
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5423

GET
H3-Q050 200 rwtype Show response
marketools.plus500.com/widgets/ Frame 35E4 155 B
546 B 39ms
29ms XHR
application/json 152.195.53.173
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

152.195.53.173 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ef1d5138127dffe00c95cb38b1218cc7747c998d8435afc42043eeba1d3da4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cdn.plus500.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 00:12:48 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 155
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blank
URL: about:blank

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.banking-online.org/	1970-01-20 15:17:17	Name: _ga Value: GA1.2.658770239.1633565562
.banking-online.org/	1970-01-19 21:47:31	Name: _gid Value: GA1.2.395317543.1633565562
cdn.plus500.com/	1969-12-31 23:59:59	Name: IP Value: !ThG0YDZC5hes/PVn4D3iqehLthhkpxXHFFepNVH+ZtjHuamy94oFfv8UhY5Jtg3lRjOciKmv6ovCMfW8CUgfMYk8yFgQWzBM8ADk+vunMop8s2JJpQdyAra58YpTzGReM7JylD5C/7gfKa9as8ztgbCjNVvO9GM=
.banking-online.org/	1970-01-19 21:46:05	Name: _gat_gtag_UA_145745368_42 Value: 1
.media.net/	1970-01-20 02:12:29	Name: gdpr_status Value: 1
banking-online.org/	1970-01-19 21:46:07	Name: session_depth Value: banking-online.org%3D1%7C886131764%3D1%7C590555341%3D1%7C743762441%3D1
.banking-online.org/	1970-01-20 07:07:41	Name: __gads Value: ID=4ec8615870b38591-22621a32eaca0000:T=1633565562:RT=1633565562:S=ALNI_MYuUo4kiEB00-kgbUgAthvdP74Q8Q
.doubleclick.net/	1970-01-19 21:46:06	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.google.com/recaptcha/api.js?render=6Lfh2JEUAAAAAE4W0U1J-bhEoLehMXHgqyHmltgr&ver=3.0 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.google.com/recaptcha/api.js?render=6Lfh2JEUAAAAAE4W0U1J-bhEoLehMXHgqyHmltgr&ver=3.0 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: about:blank Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
banking-online.org
blank
c0.wp.com
cdn.plus500.com
contextual.media.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i1.wp.com
ir-na.amazon-adsystem.com
lg3.media.net
m.media-amazon.com
marketools.plus500.com
navvy.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
s0.2mdn.net
stats.wp.com
tpc.googlesyndication.com
ws-na.amazon-adsystem.com
www.banking-online-org.pfeilerfamily.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
z-na.amazon-adsystem.com
blank
142.250.181.226
152.195.53.173
162.241.253.99
192.0.76.3
192.0.77.2
192.0.77.37
192.229.220.58
2.18.235.93
2600:9000:2251:7a00:1d:d7f6:39cf:a761
2606:4700:3033::6815:375c
2a00:1450:4001:801::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:812::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
34.102.149.62
52.222.213.35
52.46.135.132
52.94.240.125
006dad84a8366b9ca5cff7c4257c61886a271fdfde668e117ea68e5adbd75f9e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07cd1319d6f745ab56e419101b7289ee79d1159a0fa33b708bc0c8dfca0cacaa
08da3bf55b76f116de30dddcdd651a967b54d40e5c3e84f9335a63f06f234d4c
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0c5d55a9962556d91d91def07a8548505c2d05c58afc1be9e8625540b7fa3ad0
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10c5a2e0f1b3e702acc3c41e4e5ffe9b0a2a3825bd003e1f8c30ba4aa13028ba
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
27e105c2674cdc1956e12d2f9658a4e4fcec7970d834b04ac715501083a55ee3
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
38ace0cd0513da323d7bc2f82cb1d385349a1d98c800a1030f9777423f2e7eb2
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4805d7c06f8a6ce8b2345d34c5296213864e8d0a46f39589cfe72c7c54ceaf4b
4c6a64316a2fe21dd8889723943eb0e5939c1c437bc1b23fedc7eb48f064044f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52e20838e0d78c9f1a98dcd49808654ab44ce8d6db62f23d408478cf7e5d98ce
550bee253a00a7e6089b3aa136a1f21d904592e93ee0740f08d4d36e4b1dcbe5
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
612da8c760340e3b65a7b3edef49c3fef14a2f777bb6d7c4a9f834c91988836f
651f090930773bef7aa84ec2b3e5d352be534dba4064fb8e9a9e324548cfa1a4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
730abe6d94c4b765efabab2bb666a09a54a40f41a95b32965931806a7b4992cc
746012d40742c0ae57df65ce9ac9cdf6b3924430fda9c21a351d5e277b56121d
784d1fcb4a6ffa1cc063f76e0ee6a3b8fbf881d98abc228d8571dc5a742f41a9
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7dbb7d57ad90ed4fec81eb3e9d92f1c2086e17eb9c013e9d0f931bc799ab3fde
7fecad4f6f5620d50ccd5366d353739424a3174bf0e912df50a570941534088e
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a1a6b37bc624e6d90f674ed0a6ecaa4b12dfc3ec045a210b31368242ed88fb02
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a7534e35585d0c8411f5010b54057222e1842d0b09e4091c71f6aa31b29b81
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ad0f5f804486fcc496d15f565557b4a66d28e0e2bac0cd947a5277d07cfe20fe
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1997dab216a1ae3a6865fed352a6e580a0b7d87963556fed51daed631f6dcdf
b34f14940b60b0b9a84157eea806966492a740012ca1083849a01a1d871a8cc8
b4fa3f78fd5de15328ba71f880dc61f00fb0b26013deeb115cf2865347be1851
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd769df446ee08153224d9e133caffe94616775e020e7a347d78507f05e227d9
c4ecbe209ec2400f25603a7fe4f4bb5efbdd5e6793acdbcc033cebfa4c53a1ce
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f
ccdcf774bd0fc2383fb9d2b780148d17b2ceb3dbc355db13cc17edfdc1f511f3
d96d65a9d984b320e201d2183a8b6b2f9388fcb7b4e7650f4a9dc635c073da29
de5fe188e71bdfdd36c839780811232c8fea75884827b4d9750f622434792ed0
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e166f1546b833be09f8764a8856e12d29eccb1a6c59a5316da40f0c53e5cb865
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e1c7b1839bca24d14a0c3cae0112d5669aa53590fb98194375f809a303f1835a
e2f39bf6fb44848ec9460b0138d8f11825d8c9f6408743580ff3f8c9bc85452c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1d5138127dffe00c95cb38b1218cc7747c998d8435afc42043eeba1d3da4b7
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
f0c3413a3d6060b291b7ee51b22fd99d7467cce66bb78b0907bd61f2e24e9f1f
f336d9014c66c4b997c5126f01a660cc8581e5d0967f0046030e4d0f27a92167
f36d6493c65c523b53e379e34c14b7c9462f2bb5f3071ab783779b8f5b293365
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f72a3423b25e0c23c53c68d48ffd690b5d9c1305db8ba1f506bf9290c81a5ceb
f93558b9bde0f4aa241bee69742edd441428a61ce2fc0374b9e193385e3e4244
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe2eee8c41bb1a6aa7f13d688c54ba1d91a229a7d92745304c9508fe45995480

banking-online.org Open in urlscan Pro 2606:4700:3033::6815:375c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

98 %HTTPS

54 %IPv6

18 Domains

29 Subdomains

25 IPs

2 Countries

1421 kBTransfer

2942 kBSize

8 Cookies

6 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

banking-online.org Open in urlscan Pro
2606:4700:3033::6815:375c Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

98 %
HTTPS

54 %
IPv6

18
Domains

29
Subdomains

25
IPs

2
Countries

1421 kB
Transfer

2942 kB
Size

8
Cookies

95 HTTP transactions
9 data transactions