Submitted URL: https://banksdiscount.shop/
Effective URL: https://banksdiscount.shop/nahuibot_manual.php
Submission: On April 03 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3033::ac43:df3b, located in United States and belongs to CLOUDFLARENET, US. The main domain is banksdiscount.shop.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2023. Valid for: 3 months.
This is the only time banksdiscount.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 3
Apex Domain
Subdomains
Transfer
15 banksdiscount.shop
banksdiscount.shop
55 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
18 KB
15 2
Domain Requested by
15 banksdiscount.shop 1 redirects banksdiscount.shop
1 cdnjs.cloudflare.com banksdiscount.shop
15 2

This site contains no links.

Subject Issuer Validity Valid
*.banksdiscount.shop
GTS CA 1P5
2023-04-03 -
2023-07-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh

This page contains 2 frames:

Primary Page: https://banksdiscount.shop/nahuibot_manual.php
Frame ID: E68E42343D18E52B510EF0F5D38352A4
Requests: 12 HTTP requests in this frame

Frame: https://banksdiscount.shop/main/nahuiframe.html
Frame ID: 024FA56C5E67E196607CCF96B3590CD3
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://banksdiscount.shop/ Page URL
  2. https://banksdiscount.shop/goto.php HTTP 302
    https://banksdiscount.shop/nahuibot_manual.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

72 kB
Transfer

242 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://banksdiscount.shop/ Page URL
  2. https://banksdiscount.shop/goto.php HTTP 302
    https://banksdiscount.shop/nahuibot_manual.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
banksdiscount.shop/
706 B
1 KB
Document
General
Full URL
https://banksdiscount.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16a4ce4587352632bb6d7bcbbe6e83d246061f2fb2c807cba9b3f4785d3b2ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b204e692baf921d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 03 Apr 2023 09:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld902VUYjU%2BeHzL24Cq2pOtTJnbGQk08UyQPg14vK4KD4jalUi34U%2BAVl0AAxevpWXiLoRfOsJw7G0e2JTRQxHD4ItM45darPkFvXow5p5rKueKYYkOPWnB6TOhDcuO%2BCIFbHXFLzX5JIlMYRtKE63s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/
156 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2125105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17437
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-26f1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xd3DajloUX2pQLmnw%2B43ivGuunl4io8ZtdT0kx9T5W2NaV9mCPbHmRBybP1NPzs4ObR6xU2R5jBcAKO2%2Bcb%2BYXU%2F7lFInFPnHShnRsFaZvrX1khyAZJ2%2FOD2YVY7iQ7aV5vDjiJxX6VjSockBtXsmZOj"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b204e697b662c18-FRA
expires
Sat, 23 Mar 2024 09:32:46 GMT
nahuibot.css
banksdiscount.shop/main/
452 B
578 B
Stylesheet
General
Full URL
https://banksdiscount.shop/main/nahuibot.css
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d459b55c38218a0a486e4fb42328488b0afd159d74b9b8b924c65c87e9227e3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 23 Jan 2022 20:09:00 GMT
server
cloudflare
etag
W/"61edb5dc-1c4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VybZeDvTaI4dNwIkZlmKr1irlphqOYaXrAnXZl7%2F1CSiK%2F7HIC%2BAVzbKvsC24%2FZSBCU6nvuMQn83O21DotgUViyskRAg71xtmBYDEm2wjU3iJRRZM6mU7TwABHphoNejke6U504G9SiQejhvNDA5WGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
7b204e696bdf921d-FRA
goto.js
banksdiscount.shop/main/
205 B
480 B
Script
General
Full URL
https://banksdiscount.shop/main/goto.js
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0344a4426f7fd50226f979bd58f6cde34263c247ece66ac9a9b8ea85267cd80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 27 Mar 2023 23:12:58 GMT
server
cloudflare
etag
W/"642222fa-cd"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kx%2F1JETsYIaiACPOLFEqqBOJn6G3HNZlrDfRtFfTyp5bKK9Zf%2FifFRnE7BQHt0e0tzy%2BZsIQqHWHgKqcVCzRpvzgllgr0CkjOnzgk1tM9Cg2MoK8uUbJ7Pg7uCZdJzmWMo6LlCW2tdsmjpquMKovLsM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
7b204e696be1921d-FRA
nahuiframe.html
banksdiscount.shop/main/ Frame 024F
526 B
838 B
Document
General
Full URL
https://banksdiscount.shop/main/nahuiframe.html
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f96c342fe42485dbdf5599702357ec53ad1f15d972699bdf2fbbfcc1e649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banksdiscount.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b204e698bcc9bfb-FRA
content-encoding
br
content-type
text/html
date
Mon, 03 Apr 2023 09:32:46 GMT
last-modified
Thu, 25 Aug 2022 20:35:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yL6fDkx6pQ5nHK4mg3tOoZ5JWDjoTkgnUzthoZhgJ5UIfH5QfFhvehVKpki6OtJcKFbFA5Uqk1k%2BWY3T3Hj5784bUQunbRM6K7l%2FzCyTSsssBLcK8AusnAIE%2FYCgGAG9iZ0W%2BmbbOzy9kOznFbyNiDA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
nahuibot.css
banksdiscount.shop/main/ Frame 024F
452 B
730 B
Stylesheet
General
Full URL
https://banksdiscount.shop/main/nahuibot.css
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/main/nahuiframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d459b55c38218a0a486e4fb42328488b0afd159d74b9b8b924c65c87e9227e3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/main/nahuiframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 23 Jan 2022 20:09:00 GMT
server
cloudflare
etag
W/"61edb5dc-1c4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OloGTks4xQ9blGeTPlF2iiOc0SwZQoJpRQommK3ezWvnCMTF57FGCwHRY%2BnTMNeHVZicGEYIIOUq1hQ8odR8WtJgvGsLC3NDP5GjiQTrwpEWF1XwPgfglh7z%2FczPCtWZM3F08rvMlKovRPH2%2BgJvW3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
7b204e69dc4b9bfb-FRA
favicon.png
banksdiscount.shop/main/ Frame 024F
68 B
587 B
Image
General
Full URL
https://banksdiscount.shop/main/favicon.png
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/main/nahuiframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/main/nahuiframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 23 Jan 2022 20:09:00 GMT
server
cloudflare
etag
"61edb5dc-44"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwY0kIAIdxcKZA0DRgXTQg7enRoZTa%2B7u4euGe1U7RqfW0P1vkbYXD8B9MOz9UDE%2BehKWdhG%2FpRP5wVQZ9HQyZoxJ9PPD9wUpsao%2BD9pDFfkkE6CjxvHStDXsYtGme3VkFkpeX3rXEDwmQOLRieJcfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b204e69dc4c9bfb-FRA
nahuibot.js
banksdiscount.shop/main/ Frame 024F
771 B
855 B
Script
General
Full URL
https://banksdiscount.shop/main/nahuibot.js
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/main/nahuiframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbf5182fed96d7284b55ba9ec45eba0abb63cefb3f0df4a5ef3ea36e29a0b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/main/nahuiframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 25 Aug 2022 16:23:11 GMT
server
cloudflare
etag
W/"6307a1ef-303"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlkGb76DeWrtKZq5udZLGC1Yh84XrObLELPRvKD%2BpOKOVEJa7nUvft2sJ1QalvLlePu7YiBxFnpEngg1ZjMDkTG9V1UY0ygWdxXLMymV3QPP1T0Nxf4tswROvb4QWU2aShjlm2JVEtjSN0TK2vzmAA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
7b204e69ec519bfb-FRA
truncated
/ Frame 024F
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdb30873bdf16770bfea1fe86e44db7476e504c2dca1542b0660b20f47f523a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
Primary Request nahuibot_manual.php
banksdiscount.shop/
Redirect Chain
  • https://banksdiscount.shop/goto.php
  • https://banksdiscount.shop/nahuibot_manual.php
38 KB
28 KB
Document
General
Full URL
https://banksdiscount.shop/nahuibot_manual.php
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198d2e75522f3e72d6212c228ef76da68581a7ca16cdd89dc914a128c13e280d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banksdiscount.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b204e6d6a729bfb-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 03 Apr 2023 09:32:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6L7%2BtY%2BGRILGTsloAInG5ghLv0AOO2O7V30uajioSXXUHoDNFH0fDnP4HurF6QKHiZ8lUPf506ajFHITEtSFo1Ij6bgfYk1TE2KG9n7pwAbXrZ3rgxg7wu0NSari%2FMZyIzcE2R%2BKYwg1dIpbi1oLCPU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b204e6d2a1b9bfb-FRA
content-type
text/html; charset=UTF-8
date
Mon, 03 Apr 2023 09:32:47 GMT
location
/nahuibot_manual.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6UsE5G46sTVIZf5IsQ1nxkmZqcKYUx%2BD9IkkA3RQuKtVepP9LjhsNQ%2BnCMaQAz7tAvHA9f0MHxcugykpTyyGBvxnRScslOLiMRlz2FqhHa6N5D2icZHuMJx4Oi4cIXzZqDPKzdOFxZXZnxiYlDs2Xs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72815915bf08aee3184ace1edc5ac72d4153da72a62f0fa149e13a52992f8b7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
6.jpg
banksdiscount.shop/img/
3 KB
4 KB
Image
General
Full URL
https://banksdiscount.shop/img/6.jpg
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/nahuibot_manual.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2b5bf3c1c508b4ce52e0e8718fa1d571e30145cea52014d07e45a548760692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/nahuibot_manual.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3225
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 14 Jan 2023 03:44:15 GMT
server
cloudflare
etag
"63c2250f-c99"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytVO7N41y1xTPLmHe5qghNkKqgh7rJemM62KckyHohWfoI4Ty50nz15r%2BinQoMsi9jBEkd%2BNDuVdoFr1qYranMLuhTc1dbAeVJAzIn%2FouItzRmd6SZZCe6mDxIYQN5y8Fgm6fzS7dKTzkQEl3uJcn38%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b204e6daae89bfb-FRA
1.jpg
banksdiscount.shop/img/
4 KB
4 KB
Image
General
Full URL
https://banksdiscount.shop/img/1.jpg
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/nahuibot_manual.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98ccc21d902bba08e6a532d657cc02c626cd6c2daa5b3b3f6c445127eac5c0ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/nahuibot_manual.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3714
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 14 Jan 2023 03:44:07 GMT
server
cloudflare
etag
"63c22507-e82"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sC2Cy6jCd2JklADAXlYSRyWWiOEiWxuV1wdxtM1PBu6oojlIj8U0RHSBWneJkyh%2FVH3%2FoTF24bewwgDJsSVghvSJd489OSmbqsu9jzKXrlW8Swa3mKwefJc2jbxZ2pSkOz%2BFn4Oy%2F9vAAzpx7qIeJTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b204e6daaea9bfb-FRA
3.jpg
banksdiscount.shop/img/
3 KB
4 KB
Image
General
Full URL
https://banksdiscount.shop/img/3.jpg
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/nahuibot_manual.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3271d3c405a655cf7b66dbb33525b0fdb5bc8f1df27f2b1835fafca9de30a871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/nahuibot_manual.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3143
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 14 Jan 2023 03:44:23 GMT
server
cloudflare
etag
"63c22517-c47"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fsopt%2BM3nQQV%2BoEIN%2F0PhomSMggIayishd49tPfTLfoWhD3GKALOLFIOCozXm2a3%2FZSqy1CTAvbIicMBrc1Q6mGVQAh8TyIDvr6MK2c5xbIKHYywkC6FaKz32Tp3ph6zjfbDlVkHWmho2iwgk%2FD6fhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b204e6daaeb9bfb-FRA
4.jpg
banksdiscount.shop/img/
3 KB
4 KB
Image
General
Full URL
https://banksdiscount.shop/img/4.jpg
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/nahuibot_manual.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53505cc18ca3ef5f6a834c4cf1642a7186597376fa11086882cb4fddee59eec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/nahuibot_manual.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3177
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 14 Jan 2023 03:44:18 GMT
server
cloudflare
etag
"63c22512-c69"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OecOD18t%2FxrTe5LrINmz3ISHtSJKaT2%2BGbtSXTGTvupxWX2Sqh00YTW5A7WS7beHBxqksf8XzIhF5YTOqBLvW6HJKGJMMOlUT3V0Rprzh6%2BC45yEn%2Fx1O89dBrLRiXlm%2F6ZlnUDsyHqtL0bd6BQB%2FDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b204e6daaee9bfb-FRA
2.jpg
banksdiscount.shop/img/
3 KB
3 KB
Image
General
Full URL
https://banksdiscount.shop/img/2.jpg
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/nahuibot_manual.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc969f6e700561e51b48637b0e0c5286e9a9854884f81617aa6049e40379c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/nahuibot_manual.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2851
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 14 Jan 2023 03:44:20 GMT
server
cloudflare
etag
"63c22514-b23"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3KivWZP0rCLt9nwApNxPIplfRfcJwuMHJtNvZyqkfg%2Bs%2BUhLuzXeQELN0zCfc9z5r0n4%2BUKNHHTMHLTotGUCieQ378caI2gHvWsocTJD396Y%2FRwGS%2B8g%2FLKbxox62hXchbSs%2BYkOEIa2BymZoZTT0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b204e6daaf09bfb-FRA
5.jpg
banksdiscount.shop/img/
3 KB
3 KB
Image
General
Full URL
https://banksdiscount.shop/img/5.jpg
Requested by
Host: banksdiscount.shop
URL: https://banksdiscount.shop/nahuibot_manual.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:df3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8125a4132bbd0c48fbbee7e88f3e0415db47457777c1de7e9763fdcdc2f6197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banksdiscount.shop/nahuibot_manual.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 09:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2952
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 14 Jan 2023 03:44:12 GMT
server
cloudflare
etag
"63c2250c-b88"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cb2SED7zaPtF7zj7bBjRyxMpyFTgSHlWyucLJXgC3B6HnzyZNDrSDtrUtz1hLfhKuAFnD3eqwRiKoBBaF63SmDiULXkddbmckSJIpOBb%2Fs7IfIv5ldcCjnTESbnRv4OPo7a7DR7kipm3l1nkxyP2w48%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b204e6daaf49bfb-FRA

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

3 Cookies

Domain/Path Name / Value
banksdiscount.shop/ Name: t_page
Value: main
banksdiscount.shop/ Name: c_page
Value: Lw%3D%3D
banksdiscount.shop/ Name: human
Value: 5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block